CVE-2023-4965

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 14, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-4965 is a newly disclosed vulnerability affecting phpipam version 1.5.1. This issue, rated as problematic, is linked to an unknown functionality of the Header Handler component. An attacker can exploit this flaw by manipulating the X-Forwarded-Host argument, leading to an open redirect. The exploit is publicly available, increasing the risk of remote attacks. Although the specific impact is unknown, the vulnerability identifier VDB-239732 underlines the urgency of addressing this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Superset

Affected Vendors

Apache Software Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tmmCqW
https://www.cve.org/CVERecord?id=CVE-2023-4965
https://nvd.nist.gov/vuln/detail/CVE-2023-4965

Back to Vulnerability Database