A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)
![](https://www.dataleakreport.com/wp-content/uploads/2023/04/Screen-Shot-2023-04-24-at-9.22.39-AM-1024x670.png)
Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to grab enterprise data, and Huntress researchers discovered CVE-2023-35036 after partnering with Progress to perform a code review of the web app. About CVE-2023-35708 CVE-2023-35708 is a vulnerability that could lead to escalated privileges and unauthorized access. … More
The post A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) appeared first on Help Net Security.