- Description
- An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-89
- Hype score
- Not currently trending
CVE-2024-55517 SQL Injection Vulnerability in Polaris FT Intellect Core Banking 9.5 An issue was found in the Interllect Core Search of Polaris FT Intellect Core Banking 9.5. The groupType parameter in /SCGContro... https://t.co/XpZUYmoFe4
@VulmonFeeds
8 Jan 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-55517 An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mish… https://t.co/tWnlVejbCc
@CVEnew
8 Jan 2025
328 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes