PT-2022-28146 · Unknown · Kbase Metrics
Published
2022-12-30
·
Updated
2024-05-17
·
CVE-2022-4860
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
KBase Metrics (affected versions not specified)
Description
A critical issue was found in KBase Metrics, affecting the
upload user data function of the file source/daily cron jobs/methods upload user stats.py. This issue leads to sql injection.Recommendations
Apply the patch 959dfb6b05991e30b0fa972a1ecdcaae8e1dae6d to fix this issue. As a temporary workaround, consider disabling the
upload user data function until the patch is applied.Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kbase Metrics