exploitDog

GHSA-2c63-vgrp-m7w4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.

Ссылки

EPSS

Процентиль: 60%

0.00406

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2019-5934

CVSS3: 7.2

nvd

больше 6 лет назад

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.

EPSS

Процентиль: 60%

0.00406

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89