CVE-2023-49030

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 27, 2023

Updated: Dec 13, 2023

CWE ID 89

Summary

CVE-2023-49030 is a newly disclosed SQL Injection vulnerability affecting the web/user.php component of 32ns KLive versions prior to 2019-1-19. An attacker can exploit this weakness by delivering a specially crafted script, enabling them to gain unauthorized access to sensitive data stored in the system. Successful exploitation could result in significant information disclosure, potentially leading to serious security consequences. Organizations using the affected version of 32ns KLive are strongly advised to update as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tfGjQm
https://www.cve.org/CVERecord?id=CVE-2023-49030
https://nvd.nist.gov/vuln/detail/CVE-2023-49030

Back to Vulnerability Database

CVE-2023-49030

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations