CVE-2023-4393

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 30, 2023

Updated: Nov 8, 2023

CWE ID 79

CWE ID 20

CWE ID 74

Summary

CVE-2023-4393 is a vulnerability affecting LiquidFiles registration pages in versions 3.7.13 and below.Malicious actors can exploit this HTML and SMTP injection flaw to launch sophisticated phishing attacks.The attacker can manipulate the registration form to deliver fraudulent content or steal sensitive information.This vulnerability poses a significant risk to organizations, as it can be leveraged to bypass security measures and compromise user accounts.Organizations using LiquidFiles are advised to update to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sXuGNB
https://www.cve.org/CVERecord?id=CVE-2023-4393
https://nvd.nist.gov/vuln/detail/CVE-2023-4393

Back to Vulnerability Database

CVE-2023-4393

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations