Описание
Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:metersphere:metersphere:1.15.4:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.1339
Средний
8.8 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter.
EPSS
Процентиль: 94%
0.1339
Средний
8.8 High
CVSS3
Дефекты
CWE-89