CVE-2023-40833

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 12, 2023

Updated: Dec 7, 2023

Summary

CVE-2023-40833 is a vulnerability affecting Thecosy IceCMS version 1.0.0. This issue grants remote attackers privileges by exploiting a weakness in the handling of the Id and key parameters in the getCosSetting function. Successful exploitation could result in unauthorized access or system compromise. Users are advised to update to the latest version of IceCMS to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s9xXpO
https://www.cve.org/CVERecord?id=CVE-2023-40833
https://nvd.nist.gov/vuln/detail/CVE-2023-40833

Back to Vulnerability Database

CVE-2023-40833

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations