How severe is CVE-2023-41889?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-41889?

This is classified as CWE-176, which is a common weakness in software security.

CVE-2023-41889

MEDIUM Year: 2023

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-176

View all →

Vulnerability Description

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface after the normalization. The fix is initially performing the Unicode normalization and then strip for all whitespaces and then checking for a blank string. This issue has been fixed in version 1.18.0.

CVE-2020-8929

MEDIUM

CVSS:5.3(Medium)

A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second...

CWE-1762020

CVE-2023-31169

MEDIUM

CVSS:5.7(Medium)

An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be exe...

CWE-1762023

CVE-2023-39213

CRITICAL

CVSS:9.8(Critical)

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network acce...

CWE-1762023

CVE-2024-24691

CRITICAL

CVSS:9.8(Critical)

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via ...

CWE-1762024