CVE-2023-50843

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 28, 2023

Updated: Jan 4, 2024

CWE ID 89

Summary

CVE-2023-50843 is an SQL Injection vulnerability affecting Clockwork Clockwork SMS Notifications. The issue arises from improper neutralization of special elements in SQL commands. This weakness can be exploited to inject malicious code into SQL statements, potentially leading to unauthorized access or data manipulation. Clockwork SMS Notifications versions from n/a through 3.0.4 are vulnerable to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tzjcMY
https://www.cve.org/CVERecord?id=CVE-2023-50843
https://nvd.nist.gov/vuln/detail/CVE-2023-50843

Back to Vulnerability Database

CVE-2023-50843

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations