Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract.
Authorized users may be able to exploit this for limited impact on components.
This issue affects apache fineract: from 1.4 through 1.8.2.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/v0q9x86sx6f6l2nzr1z0nwm3y9qlng04 | Mailing List Vendor Advisory |
Configurations
History
07 Nov 2023, 04:08
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through 1.8.2. |
31 Mar 2023, 13:43
Type | Values Removed | Values Added |
---|---|---|
First Time |
Apache
Apache fineract |
|
CPE | cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
References | (MISC) https://lists.apache.org/thread/v0q9x86sx6f6l2nzr1z0nwm3y9qlng04 - Mailing List, Vendor Advisory |
28 Mar 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-28 12:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-25197
Mitre link : CVE-2023-25197
CVE.ORG link : CVE-2023-25197
JSON object : View
Products Affected
apache
- fineract
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')