CVE-2023-52226

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 28, 2024

Updated: Feb 29, 2024

CWE ID 352

Summary

CVE-2023-52226 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Advanced Flamingo from an unknown version up to 1.0. An attacker can exploit this flaw to force an authenticated user to perform unwanted actions on the targeted web application, potentially leading to data manipulation or unauthorized access. The vulnerability occurs due to a lack of proper CSRF tokens validation during form submissions. Users are advised to upgrade to the latest version of Advanced Flamingo and implement additional security measures to mitigate the risk of CSRF attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t9pq3S
https://www.cve.org/CVERecord?id=CVE-2023-52226
https://nvd.nist.gov/vuln/detail/CVE-2023-52226

Back to Vulnerability Database

CVE-2023-52226

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations