Vulnerability Details CVE-2023-2533
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in
PaperCut NG/MF, which, under specific conditions, could potentially enable
an attacker to alter security settings or execute arbitrary code. This could
be exploited if the target is an admin with a current login session. Exploiting
this would typically involve the possibility of deceiving an admin into clicking
a specially crafted malicious link, potentially leading to unauthorized changes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.4%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2023-2533
-
cpe:2.3:a:papercut:papercut_mf:22.0.10
-
cpe:2.3:a:papercut:papercut_ng:22.0.10