Security Advisory

CVE-2021-39379

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-01 12:41:24

Last updated 2024-08-04 02:06:42

Assigner mitre

State PUBLISHED

Description

A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the ResetUserInfo.php password_stn_id parameter.

← Browse all CVEs View on cve.org ↗