CVE-2023-23464

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-942
View all →

Vulnerability Description

Media CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure.

Related Vulnerabilities

CVE-2022-47717

HIGH
CVSS:7.5(High)

Last Yard 22.09.8-1 is vulnerable to Cross-origin resource sharing (CORS).

CWE-9422022

CVE-2023-38125

HIGH
CVSS:7.5(High)

Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected insta...

CWE-9422023

CVE-2025-25234

HIGH
CVSS:7.5(High)

Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain ...

CWE-9422025

CVE-2019-14860

HIGH
CVSS:7.4(High)

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further acces...

CWE-9422019

CVE-2023-38122

HIGH
CVSS:7.2(High)

Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected i...

CWE-9422023

CVE-2024-32862

HIGH
CVSS:8.1(High)

Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.

CWE-9422024