We found results for “”
WS-2022-0244
Good to know:
Date: July 27, 2022
Yeswiki through 4.2.2 is vulnerable to unauthenticated SQL injection. An attacker can interfere with the application's database and queries. This issue has been fixed in versions 4.2.3 and above.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
SQL Injection
CWE-89Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |