exploitDog

GHSA-m55m-3w7q-px94

Опубликовано: 29 апр. 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

Ссылки

EPSS

Процентиль: 65%

0.00502

Низкий

CVE ID

Связанные уязвимости

CVE-2004-1498

nvd

больше 20 лет назад

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

EPSS

Процентиль: 65%

0.00502

Низкий

CVE ID