Vulnerabilities > CVE-2023-6438 - Improper Enforcement of a Single, Unique Action vulnerability in Thecosy Icecms 2.0.1

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

thecosy

CWE-837

NVD

Published: 2023-11-30

Updated: 2024-04-11

Summary

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246438 is the identifier assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Thecosy Thecosy Icecms 2.0.1	1

Common Weakness Enumeration (CWE)

CWE-837 - Improper Enforcement of a Single, Unique Action

References

https://vuldb.com/?id.246438
https://vuldb.com/?ctiid.246438
http://124.71.147.32:8082