CVE-2020-7383

Summary

A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been able to access.

Affected Software

VendorProductVersion RangeStatus
Rapid7Nexposeunspecified < 6.6.49affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References