Lucene search

GoogleOSV:CVE-2023-4188

HistoryAug 05, 2023 - 8:15 p.m.

CVE-2023-4188

2023-08-0520:15:09

Google

osv.dev

github

sql injection

version 2.16.1-git

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.7%

JSON

SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git.

CPENameOperatorVersion
icms2eq2.6.1
icms2eq2.4.0
icms2eq2.14.1
icms2eq2.7.1
icms2eq2.7.0
icms2eq2.15.0
icms2eq2.7.2
icms2eq2.9.0
icms2eq2.6.0
icms2eq2.14.2

Name	Operator	Version
icms2	eq	2.6.1
icms2	eq	2.4.0
icms2	eq	2.14.1
icms2	eq	2.7.1
icms2	eq	2.7.0
icms2	eq	2.15.0
icms2	eq	2.7.2
icms2	eq	2.9.0
icms2	eq	2.6.0
icms2	eq	2.14.2

Rows per page:

1-10 of 291

References

github.com/instantsoft/icms2/commit/1dbc3e6c8fbf5d2dc551cb27fad0de3584dee40f

huntr.dev/bounties/fe9809b6-40ad-4e81-9197-a9aa42e8a7bf

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.7%

JSON

Related for OSV:CVE-2023-4188