First published: Thu Oct 07 2021(Updated: )
OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opensns Opensns | =6.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this OpenSNS vulnerability is CVE-2020-21726.
The severity of CVE-2020-21726 is critical with a CVSS score of 9.8.
The affected software version is OpenSNS v6.1.0.
The CVE-2020-21726 vulnerability is a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter in OpenSNS v6.1.0.
Please refer to the vendor's website or documentation for instructions on how to fix the CVE-2020-21726 vulnerability.