Description

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.

Remediation

References

CVE-2023-43177

Related Vulnerabilities

PostgreSQL Other Vulnerability (CVE-2002-1397)

WordPress Plugin TR Easy Google Analytics Cross-Site Scripting (1.0.0)

WordPress Plugin Oi Yandex.Maps for WordPress Cross-Site Scripting (3.2.7)

WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (4.0.3)

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.8)

Severity

Critical

Classification

CVE-2023-43177 CWE-913 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities