CVE-2023-4913

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Sep 12, 2023

Updated: Sep 14, 2023

CWE ID 829

Summary

CVE-2023-4913 is a Cross-Site Scripting (XSS) vulnerability discovered in the GitHub repository cecilapp/cecil before version 7.47.1. Malicious actors could inject malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of user accounts. Exploiting this flaw requires no user interaction and can occur when a user visits a specially crafted webpage. The vulnerability poses a significant threat to users, making it essential for affected parties to upgrade to the patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/thUzIH
https://www.cve.org/CVERecord?id=CVE-2023-4913
https://nvd.nist.gov/vuln/detail/CVE-2023-4913

Back to Vulnerability Database

CVE-2023-4913

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations