CVE-2023-44463
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Oct 2, 2023
Updated: Oct 4, 2023
Summary
CVE-2023-44463: A vulnerability was discovered in pretix before version 2023.7.1. Because the configuration file is parsed incorrectly, the application unintentionally trusts unchecked X-Forwarded-For headers. This can result in IP address spoofing, allowing users to disguise their true IP addresses from the application. Users are advised to update to the latest version of pretix to mitigate this risk.
Affected Products
- Rami Pretix
Affected Vendors
- RAMI