CVE-2023-4983

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Sep 15, 2023

Updated: May 17, 2024

CWE ID 352

Summary

CVE-2023-4983 is a newly disclosed cross-site scripting (XSS) vulnerability affecting app1pro Shopicial up to version 20230830. This issue lies within the file search function and can be triggered by manipulating an argument through input comments. The exploit, which can be initiated remotely, has been made public and may be used maliciously. The vendor was notified but did not respond to the disclosure. (VDB-239794)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/toVtpe
https://www.cve.org/CVERecord?id=CVE-2023-4983
https://nvd.nist.gov/vuln/detail/CVE-2023-4983

Back to Vulnerability Database

CVE-2023-4983

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations