Vulnerability Details CVE-2021-21924
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.055
EPSS Ranking 89.7%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 4.0
References