Home
HIGH: 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:NMEDIUM: 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NDefault status
unaffected
0.0.0 (semver)
affected
Default status
unaffected
0.0.0 (semver)
affected
Default status
unaffected
2.20.0
affected
Default status
unaffected
2.20.0
affected
Default status
unaffected
0.0.0 (semver)
affected
Default status
unaffected
0.0.0 (semver)
affected
Default status
unaffected
2.20.0
affected
Default status
unaffected
2.20.0
affected
Description
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
Problem types
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Product status
0.0.0 (semver)
0.0.0 (semver)
2.20.0
2.20.0
0.0.0 (semver)
0.0.0 (semver)
2.20.0
2.20.0
References
www.certvde.com/en/advisories/VDE-2026-044/