Security Advisory

CVE-2020-22669

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-02 00:00:00

Last updated 2025-11-03 19:25:32

Assigner mitre

State PUBLISHED

Description

Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.

← Browse all CVEs View on cve.org ↗