CVE-2023-41703

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 12, 2024

Updated: Feb 16, 2024

CWE ID 79

Summary

CVE-2023-41703 is a vulnerability affecting document processing where user ID references in document comments were incorrectly sanitized. This issue allows for the injection of script code into a user's session, potentially leading to unauthorized access. It is recommended to deploy the latest updates and patch releases to mitigate this risk. The vulnerability lies in the handling of user-defined content like comments and mentions, which are now being filtered to prevent potentially harmful input. Currently, no publicly available exploits have been reported.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgg-IM
https://www.cve.org/CVERecord?id=CVE-2023-41703
https://nvd.nist.gov/vuln/detail/CVE-2023-41703

Back to Vulnerability Database

CVE-2023-41703

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations