CVE-2023-49751

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 17, 2023

Updated: Dec 20, 2023

CWE ID 352

Summary

CVE-2023-49751 represents a Cross-Site Request Forgery (CSRF) vulnerability in the Ciprian Popescu Block for Font Awesome. This issue puts versions 1.4.0 and earlier at risk. CSRF attacks trick users into making unintended actions on a website they're already authenticated on. In this case, an attacker can exploit this flaw to perform unauthorized actions on behalf of the user, potentially leading to data theft or unintended changes. Users are advised to update to the latest version of the plugin to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/toKCgl
https://www.cve.org/CVERecord?id=CVE-2023-49751
https://nvd.nist.gov/vuln/detail/CVE-2023-49751

Back to Vulnerability Database

CVE-2023-49751

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations