exploitDog

CVE-2025-57793

Опубликовано: 28 янв. 2026

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

Ссылки

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0002.md
Third Party Advisory
https://online-help.explorance.com/blue/articles/security-advisories-(january-2026)
Vendor Advisory
https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57793
Vendor Advisory
https://www.explorance.com/products/blue
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:explorance:blue:*:*:*:*:*:*:*:*

Версия до 8.14.9 (исключая)

EPSS

Процентиль: 26%

0.00092

Низкий

8.6 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-2px4-jf33-3273

CVSS3: 8.6

github

10 дней назад

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

EPSS

Процентиль: 26%

0.00092

Низкий

8.6 High

CVSS3

Дефекты

CWE-89