Question 1

What is CVE-2023-22900 — CVE-2023-22900?

Accepted Answer

Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database.

Question 2

What is the authoritative source for CVE-2023-22900?

Accepted Answer

CVE-2023-22900 (CVE-2023-22900) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	9.8 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS	1.03% probability of exploitation · percentile 59.1% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2023-22900CVE-2023-22900

Description

Scoring