Lucene search
HistoryDec 01, 2023 - 3:15 p.m.
CVE-2023-49371
cve-2023-49371
ruoyi
sql injection
system
dept
edit
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
33.1%
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit.
Affected configurations
Node
ruoyiruoyiRange≤4.6.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruoyi:ruoyi | ruoyi | le | 4.6.0 |
Related
osv
osv
CVE-2023-49371
2023-12-01 15:15:07
RuoYi vulnerable to SQL injection vulnerability
2023-12-01 15:31:22
prion
prion
Sql injection
2023-12-01 15:15:00
cvelist
cvelist
CVE-2023-49371
2023-12-01 00:00:00
github
github
RuoYi vulnerable to SQL injection vulnerability
2023-12-01 15:31:22
nvd
nvd
CVE-2023-49371
2023-12-01 15:15:07
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
33.1%
Related for CVE-2023-49371