CVE-2023-5988

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 21, 2023

Updated: Jan 4, 2024

CWE ID 79

Summary

CVE-2023-5988 is a Cross-site Scripting (XSS) vulnerability affecting Uyumsoft Information System and Technologies LioXERP before version 146. The issue arises due to improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability by injecting malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of their sessions. This can lead to unintended execution of malicious code and compromise the security of affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tTvc1_
https://www.cve.org/CVERecord?id=CVE-2023-5988
https://nvd.nist.gov/vuln/detail/CVE-2023-5988

Back to Vulnerability Database

CVE-2023-5988

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations