Home > Vulnerability Database > CVE-2023-6467

Mend.io Vulnerability Database

CVE-2023-6467

Date: December 2, 2023

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-246617 was assigned to this vulnerability.

Language: JS

Severity Score

3.1

Related Resources (5)

Url: https://vuldb.com/?ctiid.246617

Url: http://39.106.130.187/wenjian/2.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-6467

Url: https://vuldb.com/?id.246617

Url: https://www.mend.io/vulnerability-database/CVE-2023-6467

Severity Score

3.1

Weakness Type (CWE)

Improper Enforcement of a Single, Unique Action

CWE-837

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	2.1
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2023-6467

Date: December 2, 2023

Language: JS

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?