CVE-2023-41450

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 28, 2023

CWE ID 94

Summary

CVE-2023-41450 is a vulnerability affecting phpkobo AjaxNewsTicker version 1.0.5. This issue enables a remote attacker to exploit the component by sending a specially crafted payload to the reque parameter. Successful exploitation results in the execution of arbitrary code, allowing unauthorized access or system compromise. Upgrading to a patched version or implementing effective access controls are recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgIfgt
https://www.cve.org/CVERecord?id=CVE-2023-41450
https://nvd.nist.gov/vuln/detail/CVE-2023-41450

Back to Vulnerability Database

CVE-2023-41450

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations