High severity8.8NVD Advisory· Published May 10, 2023· Updated Jun 17, 2026
CVE-2023-27889
CVE-2023-27889
Description
Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.2
- LIQUID DESIGN Ltd./LIQUID SPEECH BALLOONv5Range: versions prior to 1.2
Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN99657911/nvdThird Party Advisory
- wordpress.org/plugins/liquid-speech-balloon/nvdRelease Notes
News mentions
0No linked articles in our index yet.