CVE-2023-5104

MEDIUM EPSS 46.0%
Published Sep 21, 20232y ago ยท Modified Jun 17, 20261w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Sep 21, 2023 2y ago
Last Modified Jun 17, 2026 1w ago

Description

Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0.

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
46.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 1

VendorProductVersionRange
nocodbnocodb* <0.96.0

References 2

  • github.com https://github.com/nocodb/nocodb/commit/db0385cb8aab2a34e233454607f59152ac62b3e2
    Patch
  • huntr.dev https://huntr.dev/bounties/1b5c6d9f-941e-4dd7-a964-42b53d6826b0
    ExploitPatchThird Party Advisory

Remediation

  • github.com https://github.com/nocodb/nocodb/commit/db0385cb8aab2a34e233454607f59152ac62b3e2
    Patch
  • huntr.dev https://huntr.dev/bounties/1b5c6d9f-941e-4dd7-a964-42b53d6826b0
    ExploitPatchThird Party Advisory