Unrated severityNVD Advisory· Published Oct 4, 2024· Updated Oct 4, 2024
CVE-2024-47911
CVE-2024-47911
Description
In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: >=10.4, <10.6
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.