CVE-2024-53506 | Siyuan 3.1.11 /batchGetBlockAttrs ids sql injection (Issue 13060)

Posted by Angelo Barbosa | Nov 29, 2024 | CVE

A vulnerability classified as critical was found in Siyuan 3.1.11. This vulnerability affects unknown code of the file /batchGetBlockAttrs. The manipulation of the argument ids leads to sql injection.

This vulnerability was named CVE-2024-53506. The attack can be initiated remotely. There is no exploit available.

CVE-2024-53506 | Siyuan 3.1.11 /batchGetBlockAttrs ids sql injection (Issue 13060)

Related Posts

CVE-2024-24704 | AddonMaster Load More Anything Plugin up to 3.3.3 on WordPress authorization

CVE-2019-16638 | Ruijie EG-2000 11.1 /data/config.text missing encryption

CVE-2023-49335 | Zoho ManageEngine ADAudit Plus up to 7270 File Server Detail sql injection

CVE-2024-5985 | SourceCodester Best Online News Portal 1.0 /admin/index.php username sql injection