CVE-2023-48176

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 20, 2023

Updated: Nov 30, 2023

Summary

CVE-2023-48176 is a newly discovered vulnerability affecting WebsiteGuide version 0.2. This issue involves insecure permissions, enabling a remote attacker to exploit the system by crafting malicious JSON web tokens (JWT). Successful exploitation grants the attacker escalated privileges, posing a significant risk to the security of affected installations. Users are strongly urged to update to the latest version of WebsiteGuide to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tYo0tx
https://www.cve.org/CVERecord?id=CVE-2023-48176
https://nvd.nist.gov/vuln/detail/CVE-2023-48176

Back to Vulnerability Database

CVE-2023-48176

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations