Vulnerability Details CVE-2021-28142
CITSmart before 9.1.2.28 mishandles the "filtro de autocomplete."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.062
EPSS Ranking 90.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/162182/CITSmart-ITSM-9.1.2.27-SQL-Injection.html
- https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html
- http://packetstormsecurity.com/files/162182/CITSmart-ITSM-9.1.2.27-SQL-Injection.html
- https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html
Products affected by CVE-2021-28142
-
cpe:2.3:a:citsmart:citsmart:9.0
-
cpe:2.3:a:citsmart:citsmart:9.1
-
cpe:2.3:a:citsmart:citsmart:9.1.2.13
-
cpe:2.3:a:citsmart:citsmart:9.1.2.22
-
cpe:2.3:a:citsmart:citsmart:9.1.2.23
-
cpe:2.3:a:citsmart:citsmart:9.1.2.24
-
cpe:2.3:a:citsmart:citsmart:9.1.2.25
-
cpe:2.3:a:citsmart:citsmart:9.1.2.26
-
cpe:2.3:a:citsmart:citsmart:9.1.2.27