7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.7%
Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a SQL injection vulnerability.
Users who can login and do not have access privileges to information in Aipo may view or alter information.
The developer has confirmed that a third party without login credentials cannot view or alter information.
Update the Software
Update to the latest version according to the information provided by the developer.
This issue has been resolved in Aipo Version 5.1.1.