Skip to content

SQL Injection in USOC

Moderate
Aaron-Junker published GHSA-89jg-6fr3-9q4h Jan 3, 2022

Package

USOC (USOC)

Affected versions

<Pb1.0Bfx0

Patched versions

Pb2.4Bfx2

Description

Impact

Allowed Sql injection in usersearch.php, which isn't a big issue because you can only access it when you're admin anyway.

Patches

Upgrade to version Pb2.4Bfx2

Severity

Moderate

CVE ID

CVE-2022-21644

Weaknesses

Credits