Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/ankane/blazer/issues/392 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-21T04:26:16
Updated: 2024-08-03T06:26:06.075Z
Reserved: 2022-04-19T00:00:00
Link: CVE-2022-29498
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-04-21T05:15:06.940
Modified: 2022-04-28T16:24:46.747
Link: CVE-2022-29498
Redhat
No data.