CVE-2017-20150 MEDIUM

CVE-2017-20150: challenge website sql injection

Vendor Challenge
Product website
Weakness CWE-89 · SQLi
Published December 28, 2022
Last update August 5, 2024

CVSS base score

5.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in challenge website. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is f1644b1d3502e5aa5284f31ea80d2623817f4d42. It is recommended to apply a patch to fix this issue. The identifier VDB-216989 was assigned to this vulnerability.

Key dates

02Disclosure timeline

December 28, 2022 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE