Vulnerability Details CVE-2021-40645
An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-40645
-
cpe:2.3:a:jfinaloa_project:jfinaloa:2021-09-07