8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
31.0%
OSS Calendar provided by Thinkingreed Inc. contains an SQL injection vulnerability (CWE-89).
A logged-in user may execute an arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request.
Update the software
Update the software according to the information provided by the developer.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
31.0%