GHSA-3w4g-9275-6hgj

Опубликовано: 28 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 7.1

CVSS3: 6.5

Описание

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2025-13770
https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html
https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html

EPSS

Процентиль: 14%

0.00045

Низкий

7.1 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2025-13770

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-13770

CVSS3: 6.5

nvd

2 месяца назад

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

EPSS

Процентиль: 14%

0.00045

Низкий

7.1 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2025-13770

Дефекты

CWE-89