CVE-2023-45836

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 16, 2023

Updated: Oct 20, 2023

CWE ID 352

Summary

CVE-2023-45836 is a Cross-Site Request Forgery (CSRF) vulnerability affecting version 2.0 of the XYDAC Ultimate Taxonomy Manager plugin. An attacker can exploit this weakness to force an unsuspecting user into performing unwanted actions on a website, such as making unintended changes or transfers, by tricking them into clicking a malicious link. This can lead to data theft, unauthorized access, or financial loss. Users are urged to update to the latest plugin version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s_wYtt
https://www.cve.org/CVERecord?id=CVE-2023-45836
https://nvd.nist.gov/vuln/detail/CVE-2023-45836

Back to Vulnerability Database

CVE-2023-45836

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations