CVE-2023-50827

CVSS 3.1 Score 5.9 of 10 (medium)

Attack Complexity low
Scope changed
Privileges Required high
Confidentiality low
Integrity low
Availability low

Details

Published Dec 21, 2023
Updated: Dec 27, 2023
CWE ID 79

Summary

CVE-2023-50827 is a vulnerability categorized as CWE-79, which refers to the improper neutralization of input during web page generation (cross-site scripting). The vulnerability affects Accredible Certificates & Open Badges versions up to 1.4.8. It allows for stored cross-site scripting (XSS) attacks. The risk score is 25, indicating a medium severity level. The privileges required for exploitation are high, and user interaction is required. The attack vector is through the network, and the impact on integrity and confidentiality is low. Remediation measures should be taken to address this vulnerability promptly and mitigate the potential danger it poses to organizations using the affected products.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share