CVE-2021-22848
7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HGiga | MailSherlock MSR45/SSR45 | iSherlock-user-4.5 < 120 | affected |
| HGiga | MailSherlock MSR45/SSR45 | iSherlock-antispam-4.5 < 133 | affected |
Weaknesses
- CWE-89: CWE-89 SQL Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.