2 matches found
CVE-2022-48603
A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48603
The CVE-2022-48603 entry describes a SQL injection vulnerability in ScienceLogic SL1’s “message viewer iframe” feature, where unsanitized user input is passed directly into a SQL query. Affected component: ScienceLogic SL1 (message viewer iframe). Root cause: lack of input sanitization before SQL...