CVE-2023-42284

Published November 7th, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

1

PROJECT

Description

Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.

andreysanyuk/CVE-2023-42284

Proof of concept for CVE-2023-42284 in Tyk Gateway

GitHub