13 Layers
SHARE

Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiate delicate data from the database such as administrator’s password and session. The fresh repository of Cachet is not robust, the stable version 2.3.18 and it’s developing 2.4 branch is affected. (CVSS:5.0) (Concluding Update:2021-09-01)

13 Layers Managed Security Services