A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/ endpoint.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-23T13:36:34

Updated: 2024-08-04T13:30:22.984Z

Reserved: 2020-07-21T00:00:00

Link: CVE-2020-15887

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-07-23T14:15:12.900

Modified: 2024-11-21T05:06:22.857

Link: CVE-2020-15887

cve-icon Redhat

No data.