CVE-2023-52120

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 5, 2024

Updated: Jan 11, 2024

CWE ID 352

Summary

CVE-2023-52120 is a Cross-Site Request Forgery (CSRF) vulnerability impacting the Basix NEX-Forms – Ultimate Form Builder, specifically the Contact forms and other components. This issue allows attackers to manipulate users into performing unwanted actions on a web application, by tricking them into making unintended requests, even if they are currently logged in and authenticated. The vulnerability affects NEX-Forms versions from n/a to 8.5.2.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Basix NEX-Forms

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t84Oas
https://www.cve.org/CVERecord?id=CVE-2023-52120
https://nvd.nist.gov/vuln/detail/CVE-2023-52120

Back to Vulnerability Database

CVE-2023-52120

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations