PT-2023-32680 · Thecosy · Thecosy Icecms

Zero121 · Published 2023-12-02 · Updated 2024-05-17 · CVE-2023-6467

CVSS v3.1: 3.7 (Low)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1

Description: A vulnerability was found in the Comment Like Handler component, affecting the processing of the file /Websquare/likeClickComment/. This issue leads to improper enforcement of a single, unique action and can be initiated remotely. The complexity of an attack is rather high, and the exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Recommendations: For Thecosy IceCMS version 2.0.1, consider disabling the Comment Like Handler component or restricting access to the /Websquare/likeClickComment/ file until a patch is available. As a temporary workaround, avoid using the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2023-6467

Affected Products

Thecosy Icecms