CVE-2024-7327 in RockOAИнформация

Сводка

по MITRE • 01.08.2024

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Ответственный

VulDB

Раскрытие

01.08.2024

Модерация

принято

Вход

VDB-273250

Эксплойт

Скачать

EPSS

0.00514

KEV

Нет

Деятельности

Очень низкий

Источники

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!