CandidATS 3.0.0 - Authenticated SQL Injection

Summary

NameCandidATS 3.0.0 - Authenticated SQL Injection
Code nameJackson
ProductCandidATS
Affected versionsVersion 3.0.0 Beta (Pilava Beta)
StateUnpublished/Contacted Vendor

Vulnerability

KindSQL injection
Rule146. SQL injection
RemoteYes
CVSSv3 VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVSSv3 Base Score6.3
Exploit availableNo
CVE ID(s)CVE-2022-25228

Description

This information will be released later according to our Responsible Disclosure Policy.

Proof of Concept

This information will be released later according to our Responsible Disclosure Policy.

Exploit

This information will be released later according to our Responsible Disclosure Policy.

Mitigation

This information will be released later according to our Responsible Disclosure Policy.

Credits

The vulnerability was discovered by Oscar Uribe from the Offensive Team of Fluid Attacks.

References

Vendor page https://candidats.net/forums/

Timeline

Time-lapse-logo

2022-04-19

Vulnerability discovered.

Time-lapse-logo

2022-04-19

Vendor contacted.

Time-lapse-logo

2022-04-20

Vendor replied acknowledging the report.