exploitDog

CVE-2021-40617

Опубликовано: 11 окт. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.

Ссылки

https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2021-40617.md
https://github.com/OS4ED/openSIS-Classic/issues/192
Exploit
Issue Tracking
Mitigation
Third Party Advisory
https://github.com/OS4ED/openSIS-Classic/issues/192
Exploit
Issue Tracking
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:*

EPSS

Процентиль: 86%

0.03077

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-6v7c-9pxp-gfcv

CVSS3: 9.8

github

больше 3 лет назад

An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.

EPSS

Процентиль: 86%

0.03077

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89