CVE-2022-4454

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions m0ver bible-online (affected versions not specified)

Description A critical issue has been found in the Search Handler component, specifically in the query function of the src/main/java/custom/application/search.java file. This issue leads to sql injection.

Recommendations Apply the patch with the name 6ef0aabfb2d4ccd53fcaa9707781303af357410e to fix this issue. As a temporary workaround, consider disabling the query function of the Search Handler component until the patch is applied.

Fix

Improper Neutralization

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-707CWE-89

Related Identifiers

CVE-2022-4454

Affected Products

M0Ver Bible-Online

CVE-2022-4454

Weakness Enumeration

Related Identifiers

Affected Products

References · 7