CVE-2023-5687

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 20, 2023

Updated: Oct 27, 2023

CWE ID 352

Summary

CVE-2023-5687 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the GitHub repository mosparo/mosparo before version 1.0.3. An attacker could exploit this issue to force authenticated users to perform unwanted actions on the targeted website, such as changing account settings or making unintended transactions. The CSRF tokens used to prevent such attacks were found to be vulnerable to manipulation. Developers are strongly advised to update to the latest version of the repository to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tFMTD4
https://www.cve.org/CVERecord?id=CVE-2023-5687
https://nvd.nist.gov/vuln/detail/CVE-2023-5687

Back to Vulnerability Database

CVE-2023-5687

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations