CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-45893

An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/Oracle-Security/CVEs/blob/main/FloorsightSoftware/CVE-2023-45893.md
https://github.com/Oracle-Security/CVEs/blob/main/FloorsightSoftware/CVE-2023-45893.md

Products affected by CVE-2023-45893

Floorsightsoftware » Customer Portal » Version: N/A

cpe:2.3:a:floorsightsoftware:customer_portal:-
Floorsightsoftware » Customer Portal » Version: q3_2023

cpe:2.3:a:floorsightsoftware:customer_portal:q3_2023

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45893

Products

Pricing

Contact Us