exploitDog

GHSA-292q-rvhx-63rq

Опубликовано: 07 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records.

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records.

Ссылки

EPSS

Процентиль: 25%

0.00086

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-28094

CVSS3: 8.8

nvd

почти 2 года назад

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records.

EPSS

Процентиль: 25%

0.00086

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89