CSRF Vulnerability in Averta Depicter Slider
CVE-2023-51491

8.8 HIGH

Key Information:

Vendor: Averta

Status
Vendor
CVE Published: 16 March 2024

What is CVE-2023-51491?

The Averta Depicter Slider plugin is vulnerable to Cross-Site Request Forgery (CSRF). When exploited, this flaw allows an attacker to execute unauthorized commands on behalf of an authenticated user without that user's consent. Users of Depicter Slider versions up to 2.0.6 are at risk and should act immediately to protect sensitive information and the integrity of the web application: update the affected plugin or apply relevant security measures to mitigate the risk.

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published
