CVE-2022-48591
Discription
A SQL injection vulnerability exists in the vendor_state parameter of the âvendor print reportâ feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.Read More
References
Back to Main