WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2023-6886 Vulnerability in maven package com.xnx3.wangmarket:wangmarket

Description

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.

Remediation

References

https://github.com/xnx3/wangmarket/issues/8

https://vuldb.com/?ctiid.248246

https://vuldb.com/?id.248246

Related Vulnerabilities

CVE-2017-18640 Vulnerability in maven package org.yaml:snakeyaml

CVE-2019-0233 Vulnerability in maven package org.apache.struts:struts2-core

CVE-2018-12532 Vulnerability in maven package org.richfaces:richfaces-a4j

CVE-2018-11798 Vulnerability in maven package org.webjars.bower:thrift

CVE-2022-31129 Vulnerability in maven package org.webjars.bower:momentjs

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Not Applicable Permissions Required Third Party Advisory