Описание
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner.
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner.
EPSS
Процентиль: 85%
0.02424
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner.
EPSS
Процентиль: 85%
0.02424
Низкий