CVE-2023-43614

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 27, 2023

Updated: Sep 28, 2023

CWE ID 79

Summary

CVE-2023-43614 is a newly disclosed cross-site scripting (XSS) vulnerability. This issue affects the Order Data Edit page in Welcart e-Commerce versions 2.7 to 2.8.21. An unauthenticated attacker can exploit this weakness to inject arbitrary scripts, potentially stealing sensitive user information or gaining unauthorized access. This vulnerability poses a significant risk to websites using the affected versions and requires immediate patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/svJDV6
https://www.cve.org/CVERecord?id=CVE-2023-43614
https://nvd.nist.gov/vuln/detail/CVE-2023-43614

Back to Vulnerability Database

CVE-2023-43614

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations