CVE-2024-25168

Published March 22nd, 2024

View on NVD ↗

CVSS v3

6.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface.

biantaibao/snow_SQL

GitHub