CVE-2024-7327 in RockOAالمعلومات

الملخص

بحسب MITRE • 01/08/2024

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

مسؤول

VulDB

إفشاء

01/08/2024

الاعتدال

تمت الموافقة

إدخال

VDB-273250

استغلال

تحميل

EPSS

0.00514

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!