JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL Injection by a low privileged authenticated user due to incomplete validation when performing an SQL query.

Related CVEs

CVE-2021-3860

Key Information

GHSA ID

GHSA-p7mv-x2rc-847f

Published

December 21, 2021 12:00 AM

Last Modified

February 19, 2024 6:31 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.