CVE-2023-51539

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 5, 2024

Updated: Jan 12, 2024

CWE ID 352

Summary

CVE-2023-51539 represents a Cross-Site Request Forgery (CSRF) vulnerability affecting versions of Apollo13 Framework Extensions from n/a through 1.9.1. This issue enables unauthorized users to submit malicious requests on behalf of other users who have previously visited the same webpage. This could potentially lead to actions being performed on behalf of the victim, such as account takeovers or data manipulation. It is crucial for users to update their Apollo13 Framework Extensions to a patched version to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uB5pM0
https://www.cve.org/CVERecord?id=CVE-2023-51539
https://nvd.nist.gov/vuln/detail/CVE-2023-51539

Back to Vulnerability Database

CVE-2023-51539

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations