exploitDog

GHSA-234c-whv9-v8j6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp.

dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp.

Ссылки

EPSS

Процентиль: 59%

0.00365

Низкий

CVE ID

Связанные уязвимости

CVE-2019-12872

CVSS3: 7.2

nvd

почти 7 лет назад

dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp.

EPSS

Процентиль: 59%

0.00365

Низкий

CVE ID