CVE-2023-48261

Name of the Vulnerable Software and Affected Versions NEXO-OS (affected versions not specified)

Description The issue allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. This is related to a lack of protection for the SQL query structure. Exploitation of the issue may allow an attacker to gain unauthorized access to the database by sending a specially formed HTTP request.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.