CVE-2018-13792

2019-02-1002:00:00

mitre

www.cve.org

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

References

www.abbyydownloads.com/fc12/ReleaseNotes_FC12_R2_U6_1299.29_build_12.0.2.1420.pdf