CVE-2023-6673

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 2, 2024

Updated: Feb 6, 2024

CWE ID 79

Summary

CVE-2023-6673 is a Cross-site Scripting (XSS) vulnerability affecting National Keep Cyber Security Services' CyberMath from version 1.4 to 1.5. An attacker can exploit this Improper Neutralization of Input issue during web page generation to inject malicious scripts into a victim's browser, potentially stealing sensitive information or taking control of the user's session. This poses a serious security risk, underscoring the importance of applying the necessary patch or update to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tw-kUO
https://www.cve.org/CVERecord?id=CVE-2023-6673
https://nvd.nist.gov/vuln/detail/CVE-2023-6673

Back to Vulnerability Database

CVE-2023-6673

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations