CVE-2023-52228

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 27, 2024

CWE ID 79

Summary

CVE-2023-52228 is a Cross-site Scripting (XSS) vulnerability affecting the Mark Kinchin Beds24 Online Booking system. The issue, which allows Stored XSS attacks, is located in the web page generation process of the software. Impacted versions include those from n/a up to and including 2.0.24. Attackers can exploit this vulnerability to inject malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of their sessions. Users are encouraged to update to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t9pcFC
https://www.cve.org/CVERecord?id=CVE-2023-52228
https://nvd.nist.gov/vuln/detail/CVE-2023-52228

Back to Vulnerability Database

CVE-2023-52228

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations