What is CVE-2023-6438?

CVE-2023-6438 is a medium-severity vulnerability in Thecosy Icecms, classified under CWE-837. CVSS score: 4.3/10. Published 2023-11-30.

How severe is CVE-2023-6438?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Thecosy Icecms

CVE-2023-6438

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single…

EPSS: 0.001 (28.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Thecosy Icecms — versions 2.0.1

Weakness classification (CWE)

CWE-837

References

vuldb.com/ (vdb-entry)
vuldb.com/ (signature, permissions-required)
124.71.147.32:8082 (exploit)

Frequently asked questions

What is CVE-2023-6438?: CVE-2023-6438 is a medium-severity vulnerability in Thecosy Icecms, classified under CWE-837. CVSS score: 4.3/10. Published 2023-11-30.
How severe is CVE-2023-6438?: Medium severity. CVSS v3 base score is 4.3 out of 10.