CVE-2019-1010191

Published: Jul 24, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

marginalia < 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a header. The attack vector is: Hacker inputs a SQL to a vulnerable vector(header, http parameter, etc). The fixed version is: 1.6.

Vendor	Product	Versions
marginalia	marginalia	affected `< 1.6 [fixed: 1.6]`

References

https://github.com/basecamp/marginalia/pull/73/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-1010191

Description

Affected Products

References