Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-09-18T20:02:40.767Z
Updated: 2023-09-18T20:02:40.767Z
Reserved: 2023-09-06T15:41:16.528Z
Link: CVE-2023-39446
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-18T21:15:56.117
Modified: 2024-05-17T02:26:59.603
Link: CVE-2023-39446
JSON object: View
Redhat Information
No data.
CWE