CVE-2023-47871

MEDIUM

IT Path Solutions Contact Form to Any API <1.1.6 - RCE

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in IT Path Solutions Contact Form to Any API allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form to Any API: from n/a through 1.1.6.

Scores

CVSS v3 4.3
EPSS 0.0046
EPSS Percentile 36.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (2)
IT Path Solutions/Contact Form to Any API < 1.1.6
itpathsolutions/Contact Form to Any API < 1.1.6
Published Dec 09, 2024
Tracked Since Feb 18, 2026