| ID |
CVE-2023-4713
|
| Sažetak |
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| Reference |
|
| CVSS |
| Base: | 5.2 |
| Impact: | 6.4 |
| Exploitability: | 5.1 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| ADJACENT_NETWORK |
LOW |
SINGLE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| CVSS vektor |
AV:A/AC:L/Au:S/C:P/I:P/A:P |
| Zadnje važnije ažuriranje |
04-06-2024 - 19:17 |
| Objavljeno |
01-09-2023 - 20:15 |