Security Advisory

CVE-2023-29154

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-01 00:00:00

Last updated 2025-01-09 19:24:43

Assigner jpcert

State PUBLISHED

Description

SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page.

← Browse all CVEs View on cve.org ↗