CVE-2023-50830

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Dec 21, 2023

Updated: Dec 29, 2023

CWE ID 79

Summary

CVE-2023-50830 is a Cross-site Scripting (XSS) vulnerability affecting Seos Contact Form versions 1.8.0 and below. An attacker can inject malicious scripts into the form, which are then stored and executed on unsuspecting users' browsers when they view the affected page. This could lead to unauthorized access, data theft, or other malicious activities. The vulnerability arises from improper neutralization of user input during web page generation. Users are strongly advised to update their Seos Contact Form plugins to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tzkrkz
https://www.cve.org/CVERecord?id=CVE-2023-50830
https://nvd.nist.gov/vuln/detail/CVE-2023-50830

Back to Vulnerability Database

CVE-2023-50830

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations