CVE-2023-6474

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 3, 2023

Updated: May 17, 2024

CWE ID 352

Summary

CVE-2023-6474 is a newly discovered vulnerability affecting the PHPGurukul Nipah Virus Testing Management System version 1.0. This issue, classified as problematic, targets unknown code within the file manage-phlebotomist.php. By manipulating the argument pid, an attacker can initiate cross-site request forgery, enabling them to execute unwanted actions on the affected system. This exploit can be executed remotely, and the details have been disclosed to the public, increasing the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tps7rO
https://www.cve.org/CVERecord?id=CVE-2023-6474
https://nvd.nist.gov/vuln/detail/CVE-2023-6474

Back to Vulnerability Database

CVE-2023-6474

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations