CVE-2023-6760

EUVD-2023-58972
A vulnerability classified as critical was found in Thecosy IceCMS up to 2.0.1. This vulnerability affects unknown code. The manipulation leads to manage user sessions. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247888.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
6.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
thecosyicecms
2.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://39.106.130.187/yue/yue.html
https://vuldb.com/?ctiid.247888
https://vuldb.com/?id.247888
http://39.106.130.187/yue/yue.html
https://vuldb.com/?ctiid.247888
https://vuldb.com/?id.247888