| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| centreon/centreon | composer | < 22.10.15 | 22.10.15 |

The vulnerability description explicitly states the flaw exists in the updateGroups function due to improper input validation before SQL query construction. While the provided GitHub patch shows template escaping fixes (likely addressing XSS), the core SQL injection vulnerability resides in the backend updateGroups logic. The function name is confirmed by multiple sources (CVE, ZDI, GHSA), and the file path is inferred from Centreon's architecture (host configuration handling) and the context of the modified template file in the same directory.