Code Injection Vulnerability in SAP OrientDB 3.0

Code Injection Vulnerability in SAP OrientDB 3.0

CVE-2020-6230 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application.

Learn more about our Web Application Penetration Testing UK.