CVE Database · CVE-2020-5428
CVSS v3.1
6.0
EPSS
0.51%
Published
Jan 27, 2021
Modified
Nov 21, 2024
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:LWeaknesses (CWE)
Affected Products (1)
References (2)