CVE-2022-27613

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors.
References
Configurations

Configuration 1

cpe:2.3:a:synology:carddav_server:*:*:*:*:*:*:*:*

Information

Published : 2022-07-28 07:15

Updated : 2022-08-03 08:16


NVD link : CVE-2022-27613

Mitre link : CVE-2022-27613

Products Affected
CWE