Описание
BMC Control-M Software v9.0.20.200 was discovered to contain a SQL injection vulnerability via the report-id parameter at /report/deleteReport.
BMC Control-M Software v9.0.20.200 was discovered to contain a SQL injection vulnerability via the report-id parameter at /report/deleteReport.
Связанные уязвимости
CVSS3: 9.8
nvd
больше 2 лет назад
BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200).