CVE-2024-7327 in RockOAinformação

Sumário

de MITRE • 01/08/2024

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsável

VulDB

Divulgação

01/08/2024

Moderação

aceite

Entrada

VDB-273250

CPE

pronto

Exploração

Descarregar

EPSS

0.00514

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!