CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35122
https://notcve.org/view.php?id=CVE-2020-35122
15 Dec 2020 — An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection. Se detectó un problema en el plugin Keysight Database Connector versiones anteriores a 1.5.0 para Confluence. Un usuario malicioso podría omitir los controles de acceso para usar un perfil de conexión de base de datos guardado para enviar SQL arbitrario c... • https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •