CVE-2019-9039

CVE-2019-9039

The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the ?_all_docs? endpoint.

Source: CVE-2019-9039

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다