Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Exploiting this vulnerability could allow unauthorised access to database tables.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Octopus
Published: 2021-06-17T13:22:17
Updated: 2021-06-17T13:22:17
Reserved: 2021-04-26T00:00:00
Link: CVE-2021-31818
JSON object: View
NVD Information
Status : Modified
Published: 2021-06-17T14:15:08.173
Modified: 2023-11-07T03:35:00.873
Link: CVE-2021-31818
JSON object: View
Redhat Information
No data.
CWE