exploitDog

CVE-2023-4103

Опубликовано: 03 окт. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige
Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qsige:qsige:3.0.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00138

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-xwr3-6hhp-5cch

CVSS3: 8.8

github

почти 2 года назад

QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.

EPSS

Процентиль: 34%

0.00138

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

CWE-89