2 matches found
CVE-2022-48593
A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48593
CVE-2022-48593 affects ScienceLogic SL1, specifically theTopology Data Service feature, where unsanitized user input is passed directly into a SQL query, enabling SQL injection. Public sources consistently describe this as a high-severity, network-based risk with high confidentiality, integrity, ...