CVE-2023-5030

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Sep 17, 2023

Updated: May 17, 2024

CWE ID 20

Summary

CVE-2023-5030 is a newly disclosed critical vulnerability affecting Tongda OA up to version 11.10. This issue lies in the unknown code of the delete.php file located in the general/hr/recruit/plan directory. By manipulating the argument PLAN_ID, an attacker can successfully execute SQL injection. As this exploit has been made public, organizations using Tongda OA are urged to patch this vulnerability promptly to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tt3_FR
https://www.cve.org/CVERecord?id=CVE-2023-5030
https://nvd.nist.gov/vuln/detail/CVE-2023-5030

Back to Vulnerability Database