CVE-2023-43884

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 28, 2023

Updated: Sep 29, 2023

CWE ID 79

Summary

CVE-2023-43884 is a newly discovered Cross-Site Scripting (XSS) vulnerability. This issue affects the Transactions panel in Subrion v4.2.1, where a crafted payload can be injected into the 'Reference ID' parameter. Successful exploitation allows attackers to execute arbitrary web scripts or HTML code, potentially leading to unauthorized access, data theft, or website defacement. This vulnerability poses a significant risk to users of Subrion v4.2.1 and requires immediate patching to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/syX27u
https://www.cve.org/CVERecord?id=CVE-2023-43884
https://nvd.nist.gov/vuln/detail/CVE-2023-43884

Back to Vulnerability Database

CVE-2023-43884

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations