CVE-2023-48767

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 14, 2023

Updated: Dec 18, 2023

CWE ID 79

Summary

CVE-2023-48767 is a Cross-site Scripting (XSS) vulnerability affecting Raghu Goriya MyTube PlayList. The issue lies in the improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into a victim's browser, potentially stealing sensitive data or taking control of the user's account. This issue impacts MyTube PlayList versions from n/a to 2.0.3. Users are strongly advised to update their software to the latest patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/td-s1g
https://www.cve.org/CVERecord?id=CVE-2023-48767
https://nvd.nist.gov/vuln/detail/CVE-2023-48767

Back to Vulnerability Database

CVE-2023-48767

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations