CVE-2023-47556

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 18, 2023

Updated: Nov 24, 2023

CWE ID 352

Summary

CVE-2023-47556 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the James Mehorter Device Theme Switcher. This issue, which impacts versions from n/a to 3.0.2, allows an attacker to induce unintended actions from a user, who is currently logged into a web application, by tricking them into visiting a malicious website. As a result, the attacker may be able to modify the user's settings or data within the affected application, potentially leading to unauthorized actions or data theft.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tS3GTP
https://www.cve.org/CVERecord?id=CVE-2023-47556
https://nvd.nist.gov/vuln/detail/CVE-2023-47556

Back to Vulnerability Database

CVE-2023-47556

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations