PT-2023-32764 · Thecosy · Icecms
Zero121
·
Published
2023-12-13
·
Updated
2024-05-17
·
CVE-2023-6761
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Thecosy IceCMS versions up to 2.0.1
Description
A vulnerability has been found in the User Data Handler component, leading to improper access controls. The attack may be initiated remotely. This issue affects some unknown processing of the component.
Recommendations
For Thecosy IceCMS versions up to 2.0.1, consider restricting access to the User Data Handler component to minimize the risk of exploitation until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Icecms