CVE-2016-5843

CRITICAL9.4EPSS 0.67%

發布日:2016/9/17修改日:2025/11/19

也稱為:ALPINE-CVE-2016-5843

描述

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.

受影響套件(1)

Alpine/gst-plugins-bad1from 0, < 1.8.3-r0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL9.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

參考連結(1)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2016-5843