CVE-2023-4849

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 9, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-4849 is a critical vulnerability affecting IBOS OA 4.5.5. An unknown functionality in the file ?r=file/dashboard/trash&op=del is the target of this issue. Manipulation of the argument 'fids' allows for sql injection, enabling attackers to launch remote attacks. The exploit for this vulnerability, identified as VDB-239258, has been disclosed to the public, increasing the risk of its exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBOs

Affected Vendors

IBOs

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/soJfl7
https://www.cve.org/CVERecord?id=CVE-2023-4849
https://nvd.nist.gov/vuln/detail/CVE-2023-4849

Back to Vulnerability Database