exploitDog

CVE-2022-43020

Опубликовано: 19 окт. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.

Ссылки

https://github.com/hansmach1ne/CVE-portfolio/tree/main/CVE-2022-43020
Exploit
Third Party Advisory
https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_in_Tag_Updates.md
Exploit
Third Party Advisory
https://github.com/hansmach1ne/opencats_zero-days/blob/main/SQLI_in_Tag_Updates.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-f3vr-75f7-2x9p

CVSS3: 6.5

github

больше 3 лет назад

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function.

EPSS

Процентиль: 50%

0.00265

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89