2 matches found
CVE-2022-23314
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do...
CVE-2022-23314
Affected product. MCMS v5.2.4. Vulnerability. SQL injection via /ms/mdiy/model/importJson.do. Root cause: lack of filtering/escaping of SQL data (per CNVD/CNNVD/Red Hat entries). Impact. High severity (CVSS v3.1: 9.8; CVSS v2.0: 7.5) with network access, no authentication, and full impact on conf...