PT-2023-32764 · Thecosy · Icecms
Zero121
·
Publicado
2023-12-13
·
Atualizado
2024-05-17
·
CVE-2023-6761
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Thecosy IceCMS versions up to 2.0.1
Description
A vulnerability has been found in the User Data Handler component, leading to improper access controls. The attack may be initiated remotely. This issue affects some unknown processing of the component.
Recommendations
For Thecosy IceCMS versions up to 2.0.1, consider restricting access to the User Data Handler component to minimize the risk of exploitation until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Icecms