CVE-2023-52195

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 1, 2024

Updated: Feb 6, 2024

CWE ID 79

Summary

CVE-2023-52195 is a Cross-site Scripting (XSS) vulnerability affecting Kerry James, a web application from version n/a through 1.7. An attacker can exploit this Improper Neutralization of Input vulnerability during web page generation to inject malicious scripts into pages viewed by other users. These scripts can steal user data, modify webpage content, or carry out other malicious actions. This issue poses a significant risk to users and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t9j0uq
https://www.cve.org/CVERecord?id=CVE-2023-52195
https://nvd.nist.gov/vuln/detail/CVE-2023-52195

Back to Vulnerability Database

CVE-2023-52195

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations