exploitDog

GHSA-cv2r-cj8v-q8j3

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action.

SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action.

Ссылки

EPSS

Процентиль: 61%

0.00414

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2008-3701

nvd

больше 17 лет назад

SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action.

EPSS

Процентиль: 61%

0.00414

Низкий

CVE ID

Дефекты

CWE-89