CVE-2022-4961

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 12, 2024
Updated: May 17, 2024
CWE ID 89

Summary

CVE-2022-4961 is a critical vulnerability affecting Weitong Mall version 1.0.0. An unknown functionality in the OrderDao.xml file, located at platform-shop/src/main/resources/com/platform/dao/, has been identified as the source of the issue. Manipulation of the sidx/order argument triggers sql injection, potentially allowing unauthorized access or data modification. The associated identifier for this vulnerability is VDB-250243.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share