CVE-2023-49707

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 14, 2023

Updated: Dec 19, 2023

CWE ID 89

Summary

CVE-2023-49707 is a newly disclosed SQL injection vulnerability affecting the S5 Register module for Joomla. An attacker can exploit this flaw to gain unauthorized access to sensitive data, manipulate or delete information, and potentially take control of the affected Joomla site. The vulnerability arises due to insufficient input validation on user inputs in the module's SQL queries. Website administrators using the S5 Register module are advised to update to the latest version or apply the available patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Joomlart

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tnxa3u
https://www.cve.org/CVERecord?id=CVE-2023-49707
https://nvd.nist.gov/vuln/detail/CVE-2023-49707

Back to Vulnerability Database

CVE-2023-49707

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations