CVE-2023-5810

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Oct 27, 2023
Updated: May 17, 2024
CWE ID 79

Summary

CVE-2023-5810 is a newly disclosed vulnerability affecting the flusity CMS, specifically the function loadPostAddForm in the core/tools/posts.php file. This issue is classified as problematic, allowing for cross-site scripting attacks via manipulation of the edit_post_id argument. The exploit can be initiated remotely and the public disclosure increases the risk of exploitation. Flusity CMS employs a rolling release strategy, so specific version details for affected and updated releases are unavailable. To mitigate this vulnerability, it is strongly recommended to apply the patch identified as 6943991c62ed87c7a57989a0cb7077316127def8. VDB-243641 is the assigned identifier for this security issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-5810 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database