CVE-2023-42283

Published November 7th, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

1

PROJECT

Description

Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.

andreysanyuk/CVE-2023-42283

Proof of concept for CVE-2023-42283 in Tyk Gateway

GitHub