Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run.
References
Link | Resource |
---|---|
https://github.com/ankane/blazer/issues/392 | Mitigation Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-21T04:26:16
Updated: 2022-04-21T04:26:16
Reserved: 2022-04-19T00:00:00
Link: CVE-2022-29498
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-21T05:15:06.940
Modified: 2022-04-28T16:24:46.747
Link: CVE-2022-29498
JSON object: View
Redhat Information
No data.
CWE