exploitDog

GHSA-pw8x-9www-h93w

Опубликовано: 21 дек. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.

Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.

Ссылки

EPSS

Процентиль: 73%

0.00763

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-35234

CVSS3: 8

nvd

около 4 лет назад

Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.

EPSS

Процентиль: 73%

0.00763

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89