WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2023-6886 Vulnerability in maven package com.xnx3.wangmarket:wangmarket

Description

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.

Remediation

References

https://github.com/xnx3/wangmarket/issues/8

https://vuldb.com/?ctiid.248246

https://vuldb.com/?id.248246

Related Vulnerabilities

CVE-2020-10673 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2017-1000048 Vulnerability in npm package qs

CVE-2019-5427 Vulnerability in maven package c3p0:c3p0

CVE-2019-1003056 Vulnerability in maven package org.jenkins-ci.plugins:websphere-deployer

CVE-2017-12617 Vulnerability in maven package org.apache.tomcat:tomcat-util

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Not Applicable Permissions Required Third Party Advisory