CVE-2024-7327 in RockOAinfo

Zusammenfassung

von MITRE • 01.08.2024

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Zuständig

VulDB

Veröffentlichung

01.08.2024

Moderieren

akzeptiert

Eintrag

VDB-273250

CPE

bereit

Exploit

Download

EPSS

0.00514

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!