CVE-2023-5989

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 21, 2023

Updated: Jan 4, 2024

CWE ID 79

Summary

CVE-2023-5989 is a Cross-site Scripting (XSS) vulnerability affecting Uyumsoft Information System and Technologies LioXERP before version 146. The flaw, described as an "Improper Neutralization of Input During Web Page Generation," allows attackers to inject and execute malicious scripts in a user's web browser. Successful exploitation can lead to unauthorized data access, account takeover, and other malicious activities. Users are encouraged to upgrade to the latest version of LioXERP to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tTvXCC
https://www.cve.org/CVERecord?id=CVE-2023-5989
https://nvd.nist.gov/vuln/detail/CVE-2023-5989

Back to Vulnerability Database

CVE-2023-5989

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations