|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-01-07 | |
| Rule Name: | Weaver e-Bridge addTasteJsonp SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | e-Bridge is a system integration platform for bridging Internet development resources and enterprise information systems developed by Weaver. e-Bridge addTasteJsonp endpoint has SQL Injection Vulnerability. An unauthenticated malicious attacker can use the SQL injection vulnerability to obtain information in the database and even write commands to the server with high permission to obtain the system permission of the server. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |