2 matches found
CVE-2020-35243
Flamingo (aka FlamingoIM) through 2020-09-29 contains a SQL injection vulnerability in UserManager::updateUserInfoInDb. The CVE is supported by multiple sources (NVD entry and Red Hat PR) showing high/severe impact: CVSSv2 base 7.5 (Partial confidentiality/integrity/availability impact) and CVSSv...
CVE-2020-35243
Flamingo aka FlamingoIM through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb...