exploitDog

GHSA-fgw3-qp45-8h2h

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.

Ссылки

EPSS

Процентиль: 44%

0.00214

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2020-15792

CVSS3: 4.3

nvd

больше 5 лет назад

A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.

EPSS

Процентиль: 44%

0.00214

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-89