EUVD-2025-21587
ID: EUVD-2025-21587
Severity: high
CVSS v4: 8.3 (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N)
CVSS v3: Not provided
CWE: None listed
Source: ENISA
Description
SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.
Timestamps
- Normalized:
- Last updated:
References
No references provided.