Vulnerability Details CVE-2020-10563
An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.php mishandles a SQL query.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://cvecps.mitre.org/cps/workitems/create/?cveId=CVE-2020-10563
- https://github.com/JeromeDevome/GRR/commit/2c6edacd9e15c75a0c2ef472470481ffb6edc7d8
- https://github.com/JeromeDevome/GRR/releases/tag/v3.4.1c
- https://cvecps.mitre.org/cps/workitems/create/?cveId=CVE-2020-10563
- https://github.com/JeromeDevome/GRR/commit/2c6edacd9e15c75a0c2ef472470481ffb6edc7d8
- https://github.com/JeromeDevome/GRR/releases/tag/v3.4.1c
Products affected by CVE-2020-10563
-
cpe:2.3:a:devome:grr:3.4.0a
-
cpe:2.3:a:devome:grr:3.4.0c
-
cpe:2.3:a:devome:grr:3.4.0d
-
cpe:2.3:a:devome:grr:3.4.1
-
cpe:2.3:a:devome:grr:3.4.1a
-
cpe:2.3:a:devome:grr:3.4.1b