CVE-2023-49117

Summary

CVE-2023-49117 is a stored cross-site scripting (XSS) vulnerability affecting PowerCMS 6 Series, 5 Series, and 4 Series. This issue allows an attacker to inject malicious code into a PowerCMS website, which is then executed on a logged-in user's web browser. The vulnerability poses a significant risk, as all unsupported versions of PowerCMS 3 Series and earlier are also susceptible to this issue. Successful exploitation could lead to unauthorized access or data theft. Users are strongly advised to update their PowerCMS installation to the latest patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.