CVE-2023-2239: Exposure of Private Personal Information to an Unauthorized Actor in microweber/microweber
First published: Sat Apr 22 2023(Updated: )
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4.
Credit: security@huntr.dev security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microweber Microweber | <1.3.4 | |
| composer/microweber/microweber | <1.3.4 | 1.3.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-2239.
What is the severity of CVE-2023-2239?
The severity of CVE-2023-2239 is high.
Which software version is affected by CVE-2023-2239?
The software version affected by CVE-2023-2239 is Microweber prior to 1.3.4.
How can an unauthorized actor access private personal information in the affected GitHub repository?
An unauthorized actor can access private personal information in the affected GitHub repository by exploiting the vulnerability in Microweber prior to version 1.3.4.
How can I fix the CVE-2023-2239 vulnerability?
To fix the CVE-2023-2239 vulnerability, update Microweber to version 1.3.4 or later.
- collector/nvd-index
- collector/github-advisory-latest
- alias/GHSA-h83h-77x2-6w6g
- alias/CVE-2023-2239
- collector/nvd-cve
- collector/github-advisory
- agent/author
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/trending
- vendor/microweber
- canonical/microweber microweber
- package-manager/composer