CVE-2018-17232

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute().

docmarionum1/slack-archive-bot
docmarionum1/slack-archive-bot
A bot that will archive your slack messages and make them searchable. No more 10,000 message search limit.
GitHubGitHub
227