CNNVD-202508-3221 Information

CNNVD ID

CNNVD-202508-3221

Related CVE

CVE-2025-50983

• CNNVD Published: 2025-08-27

Description (Chinese)

Readarr是Readarr开源的一款电子书库管理系统。 readarr 0.4.15.2787版本存在安全漏洞，该漏洞源于GET /api/v1/wanted/cutoff API端点中sortKey参数清理不当，可能导致SQL注入攻击。

Description (English)

Readarr is an electronic library management system open to Readarr. The readarr 0.4.15.2787 version contains a security loophole, which stems from the inadequate clearance of the sortkey parameters in the GET/api/v1/wanted/cutoff API endpoint, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

其他

Published

2025-08-27

Last Modified

2026-02-24

References

https://github.com/4rdr/proofs/blob/main/info/readarr-0.4.15.2787-sql-injection-via-sortkey-parameter.md https://nvd.nist.gov/vuln/detail/CVE-2025-50983

Patch

https://readarr.com/#download