Created
December 2, 2023 00:48
-
-
Save Maverickfir/53405b944b2830b43a84abf4b1734847 to your computer and use it in GitHub Desktop.
CVE-2023-49371
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [description] | |
> RuoYi up to v4.6 was discovered to contain a SQL injection | |
> vulnerability via /system/dept/edit. | |
> | |
> ------------------------------------------ | |
> | |
> [Vulnerability Type] | |
> SQL Injection | |
> | |
> ------------------------------------------ | |
> | |
> [Vendor of Product] | |
> RuoYi | |
> | |
> ------------------------------------------ | |
> | |
> [Affected Product Code Base] | |
> RuoYi - v4.6 | |
> | |
> ------------------------------------------ | |
> | |
> [Affected Component] | |
> /system/dept/edit | |
> | |
> ------------------------------------------ | |
> | |
> [Attack Type] | |
> Remote | |
> | |
> ------------------------------------------ | |
> | |
> [Attack Vectors] | |
> RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via the component /system/dept/edit | |
> | |
> ------------------------------------------ | |
> | |
> [Reference] | |
> https://github.com/Maverickfir/RuoYi-v4.6-vulnerability/blob/main/Ruoyiv4.6.md | |
> | |
> ------------------------------------------ | |
> | |
> [Has vendor confirmed or acknowledged the vulnerability?] | |
> true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment