PT-2022-11635 · Unknown · Laravel-Jqgrid

Wuwx

Published

2022-12-19

Updated

2022-12-27

CVE-2021-4262

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions laravel-jqgrid (affected versions not specified)

Description A critical issue was found in the getRows function of the EloquentRepositoryAbstract.php file, which can lead to sql injection.

Recommendations Apply the patch fbc2d94f43d0dc772767a5bdb2681133036f935e to fix this issue. As a temporary workaround, consider restricting the use of the getRows function until the patch is applied.

Fix

Improper Neutralization

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-707CWE-89

Related Identifiers

CVE-2021-4262

GHSA-3FHJ-WPVJ-X5W8

Affected Products

Laravel-Jqgrid

PT-2022-11635 · Unknown · Laravel-Jqgrid

CVE-2021-4262

Weakness Enumeration

Related Identifiers

Affected Products

References · 7