1 results (0.005 seconds)

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is able to address this issue. • https://github.com/Bricco/authenticator-plugin/commit/a5456633ff75e8f13705974c7ed1ce77f3f142d5 https://github.com/Bricco/authenticator-plugin/releases/tag/1.39 https://vuldb.com/?ctiid.218428 https://vuldb.com/?id.218428 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •