Security Advisory

CVE-2022-42744

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-03 00:00:00

Last updated 2025-05-05 13:04:12

Assigner Fluid Attacks

State PUBLISHED

Description

CandidATS version 3.0.0 allows an external attacker to perform CRUD operations on the application databases. This is possible because the application does not correctly validate the entriesPerPage parameter against SQLi attacks.

← Browse all CVEs View on cve.org ↗