Lucene search
MitreVULNRICHMENT:CVE-2024-40541HistoryJul 12, 2024 - 12:00 a.m.
CVE-2024-40541
2024-07-1200:00:00
mitre
github.com
3
vulnerability
sql injection
my-springsecurity-plus
datascope parameter
/api/dept/build
cve-2024-40541
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
43.7%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:witmy:my-springsecurity-plus:*:*:*:*:*:*:*:*"
],
"vendor": "witmy",
"product": "my-springsecurity-plus",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "2024.07.03",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-40541
2024-07-12 00:00:00
cve
cve
CVE-2024-40541
2024-07-12 16:15:05
nvd
nvd
CVE-2024-40541
2024-07-12 16:15:05
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
43.7%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40541