| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.vivoweb:vitro-project | maven | < 1.11.0 | 1.11.0 |

The commit diff shows that security-critical validation was added to the IndividualSDB constructor, where the URI parameter is processed. Before the patch, the lack of input sanitization allowed attackers to inject SPARQL commands through the uri parameter, enabling ReDoS via malicious regex patterns. The vulnerability lies in the URI handling logic, which builds SPARQL queries without proper escaping or validation.
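
The class of fix described above, as an added example (not code from the Vitro patch): a URI is checked against the characters the SPARQL 1.1 grammar forbids inside an IRI reference before it is placed in a query. The class name `SparqlIriGuard`, its methods, the query shape and the sample values are all hypothetical.

```java
public class SparqlIriGuard {
    // Characters the SPARQL 1.1 grammar does not allow inside an IRIREF (<...>).
    private static final String FORBIDDEN = "<>\"{}|^`\\";

    /** Wraps uri as an IRIREF, or throws if any character could end the <...> term early. */
    static String toIriRef(String uri) {
        if (uri == null || uri.isEmpty()) {
            throw new IllegalArgumentException("empty URI parameter");
        }
        for (int i = 0; i < uri.length(); i++) {
            char c = uri.charAt(i);
            // U+0000..U+0020 (controls and space) are excluded by the grammar as well.
            if (c <= 0x20 || FORBIDDEN.indexOf(c) >= 0) {
                throw new IllegalArgumentException("illegal character in URI at index " + i);
            }
        }
        return "<" + uri + ">";
    }

    /** Weak form: the parameter is concatenated into the query text unchecked. */
    static String unvalidatedQuery(String uri) {
        return "SELECT ?p ?o WHERE { <" + uri + "> ?p ?o }";
    }

    /** Corrected form: the parameter can only ever occupy the subject position. */
    static String validatedQuery(String uri) {
        return "SELECT ?p ?o WHERE { " + toIriRef(uri) + " ?p ?o }";
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the advisory.
        String wellFormed = "http://example.org/individual/n123";
        String malformed = "http://example.org/x> ?s ?p ?o";  // contains '>' and spaces

        System.out.println(validatedQuery(wellFormed));
        // Unchecked, the '>' ends the IRI and the rest is parsed as query text.
        System.out.println(unvalidatedQuery(malformed));
        try {
            validatedQuery(malformed);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The check is a single linear pass over the input and uses no regular expression, so validation cost stays proportional to the length of the parameter.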