Unknown · Liquidfiles · CVE-2023-4393
**Name of the Vulnerable Software and Affected Versions**
LiquidFiles versions 3.7.13 and below
**Description**
The issue allows an attacker to perform more advanced phishing attacks against an organization through HTML and SMTP injections on the registration page.
**Recommendations**
For versions 3.7.13 and below, update to a version above 3.7.13 to resolve the issue.
As a temporary workaround, consider restricting access to the registration page until a patch is available.
Avoid using the registration page for sensitive operations until the issue is resolved.