PT-2023-23082 · Foundry · Foundry Issues

Published

2023-08-03

Updated

2023-08-08

CVE-2023-30952

CVSS v3.1

5.0

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Foundry Issues versions prior to 6.228.0

Description A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue.

Recommendations For versions prior to 6.228.0, update to Frontend release 6.228.0 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2023-30952

Affected Products

Foundry Issues

PT-2023-23082 · Foundry · Foundry Issues

CVE-2023-30952

Weakness Enumeration

Related Identifiers

Affected Products

References · 4