CVE-2024-57098: Moss v0.1.3 has an SQL injection vulnerability that allows attackers to inject crafted payloads through the order parameter.

9.8 CVSS

Description

Moss v0.1.3 has an SQL injection vulnerability that allows attackers to inject crafted payloads through the order parameter.

Classification

CVE ID: CVE-2024-57098

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.83% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-03-04 (date this score was calculated)

References

https://github.com/deep-project/moss/issues/13

Timeline