CNNVD-202601-4737 Information
CNNVD ID
CNNVD-202601-4737
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
EGroupware是EGroupware公司的一个在线办公平台。 EGroupware 23.1.20260113之前版本和26.0.20260113之前版本存在SQL注入漏洞,该漏洞源于Nextmatch过滤器处理存在PHP类型混淆问题,可能导致SQL注入攻击。
Description (English)
EGroupware is an online office platform for EGroupware. The previous version of EGroupware 23.1.2260113 and the pre-version of 26.0.20260113 had an injection loophole in SQL, which arose from the Nextmatch filter addressing PHP-type confusion that could lead to an SQL injection attack.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
EGroupware
Published
2026-01-28
Last Modified
2026-02-24
References
https://github.com/EGroupware/egroupware/releases/tag/26.0.20260113 https://github.com/EGroupware/egroupware/security/advisories/GHSA-rvxj-7f72-mhrx https://github.com/EGroupware/egroupware/releases/tag/23.1.20260113 https://access.redhat.com/security/cve/cve-2026-22243
Patch
https://github.com/EGroupware/egroupware/releases
Share on: