CVE-2023-51805
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.
为企业提供「免费」表单问卷能力,「开箱即用」快速赋能业务 A questionnaire system that can be privatized and deployed - 填鸭表单问卷系统(tduck-survey-form)表单系统-问卷系统
GitHub