CVE-2025-40887 in Guardian信息

摘要

由 MITRE • 2025-10-07

A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized data.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

负责

Nozomi

预定

2025-04-16

披露

2025-10-07

管理

已接受

条目

VDB-327385

CPE

准备好

CWE

CWE-89 (已确认)

CVSS

5.3 (CNA)

EPSS

0.00024

KEV

否

活动

非常低

来源

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-40887
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-40887
CVE Details	https://www.cvedetails.com/cve/CVE-2025-40887/

◂ 上一步一览下一步 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!