4 matches found
CVE-2022-3971
A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to...
Sql injection
A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to...
CVE-2022-3971
Summary (CVE-2022-3971) : A SQL injection vulnerability exists in matrix-appservice-irc up to version 0.35.1, in an unknown portion of the code path that handles the argument roomIds within PgDataStore.ts . The issue is exploitable via untrusted input and is described as a critical risk in multip...
CVE-2022-3971 matrix-appservice-irc PgDataStore.ts sql injection
A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to...