exploitDog

CVE-2022-36030

Опубликовано: 20 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available.

Ссылки

https://github.com/vinsdragonis/Project-Nexus/security/advisories/GHSA-3pv7-25cc-mjvv
Third Party Advisory
https://github.com/vinsdragonis/Project-Nexus/security/advisories/GHSA-3pv7-25cc-mjvv
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:project-nexus_project:project-nexus:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

EPSS

Процентиль: 48%

0.0025

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89