CVE-2023-3163

CVSS v3.1

3.5

Low

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions y project RuoYi versions up to 4.7.7

Description A vulnerability was found in the function filterKeyword. The manipulation of the argument value leads to resource consumption.

Recommendations For versions up to 4.7.7, consider disabling the filterKeyword function until a patch is available to prevent resource consumption due to argument manipulation.

Exploit

Fix

SQL injection

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89CWE-400

Related Identifiers

CVE-2023-3163

GHSA-G3HH-Q55F-9G3W

Affected Products

Y Project Ruoyi

CVE-2023-3163

Weakness Enumeration

Related Identifiers

Affected Products

References · 11