CVE-2023-45835

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Dec 28, 2023

CWE ID 79

Summary

CVE-2023-45835 is an unauthorized Reflected Cross-Site Scripting (XSS) vulnerability affecting the Libsyn Publisher Hub plugin versions 1.4.4 and below. An attacker can inject malicious scripts into a website using specially crafted input, exploiting this flaw to steal user data or take control of their browsing session. Successful attacks could lead to serious consequences, including identity theft or account takeover. Users are strongly advised to update the plugin to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s_wbjt
https://www.cve.org/CVERecord?id=CVE-2023-45835
https://nvd.nist.gov/vuln/detail/CVE-2023-45835

Back to Vulnerability Database

CVE-2023-45835

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations