MidnightBSD

Advisories for transbank

CVE-2023-27610

Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST plugin <= 1.6.6 versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L 1.2 4.2

Products Affected

Vendor Product Version
transbank transbank_webpay_rest *