CVE-2023-41735

CVSS 3.1 Score 7.5 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity none
Availability none
Scope unchanged
Privileges Required none

Details

Published Nov 30, 2023
Updated: Dec 6, 2023
CWE ID 200

Summary

CVE-2023-41735 is a vulnerability affecting the Email posts to subscribers function in Gopi Ramasamy's email system. The issue exposes sensitive information to unauthorized actors. Specifically, this vulnerability exists from version n/a up to 6.2. This means that any unauthorized user who manages to gain access to the affected email system during this version range could potentially view sensitive information meant only for subscribers. The exact nature of the sensitive information is not disclosed in the provided description.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share