Security Advisory

CVE-2023-41262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-12 00:00:00

Last updated 2024-09-18 18:37:46

Assigner mitre

State PUBLISHED

Description

An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the applications backend database server.

← Browse all CVEs View on cve.org ↗