Vulnerability Details CVE-2023-30323
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.7%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/wliang6/ChatEngine/blob/fded8e710ad59f816867ad47d7fc4862f6502f3e/src/chatbotapp/chatWindow.java#L34:L60
- https://payatu.com/advisory/sql-injection-in-chatwindow-functionality-in-chatengine-1-0/
- https://github.com/wliang6/ChatEngine/blob/fded8e710ad59f816867ad47d7fc4862f6502f3e/src/chatbotapp/chatWindow.java#L34:L60
- https://payatu.com/advisory/sql-injection-in-chatwindow-functionality-in-chatengine-1-0/
Products affected by CVE-2023-30323
-
cpe:2.3:a:chatengine_project:chatengine:1.0