exploitDog

GHSA-xw93-h7ff-35ff

Опубликовано: 23 дек. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.

Ссылки

EPSS

Процентиль: 90%

0.05291

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-21924

CVSS3: 6.5

nvd

больше 3 лет назад

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.

BDU:2021-05684

CVSS3: 7.7

fstec

около 4 лет назад

Уязвимость реализации компонента «список устройств» (device_list) программного средства мониторинга состояния и функций маршрутизаторов Advantech R-SeeNet, позволяющая нарушителю проводить межсайтовые сценарные атаки

EPSS

Процентиль: 90%

0.05291

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89