CVE-2023-47184

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Nov 6, 2023

Updated: Nov 14, 2023

CWE ID 79

Summary

CVE-2023-47184 is a stored Cross-Site Scripting (XSS) vulnerability affecting version 1.2.8 and below of Proper Fraction LLC's Admin Bar & Dashboard Access Control plugin. This issue allows an attacker to inject malicious scripts into a website, which can be executed whenever an administrator or other privileged user views the affected page. The attacker can use this vulnerability to steal sensitive information, manipulate content, or gain further unauthorized access to the targeted system. Administrators are strongly advised to update the plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tOFLmf
https://www.cve.org/CVERecord?id=CVE-2023-47184
https://nvd.nist.gov/vuln/detail/CVE-2023-47184

Back to Vulnerability Database

CVE-2023-47184

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations