https://vulnerability.circl.lu/sightings/feed 2026-05-06T03:54:48.326396+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/f468e9a7-52ad-4728-8c19-63beaf59d198/export 2026-05-06T03:54:48.659022+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f468e9a7-52ad-4728-8c19-63beaf59d198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22494", "type": "seen", "source": "https://t.me/cibsecurity/56487", "content": "\u203c CVE-2023-22494 \u203c\n\na12nserver is an open source lightweight OAuth2 server. Users of a12nserver that use MySQL might be vulnerable to SQL injection bugs. If you use a12nserver and MySQL, update as soon as possible. This SQL injection bug might let an attacker obtain OAuth2 Access Tokens for users unrelated to those that permitted OAuth2 clients. The knex dependency has been updated to 2.4.0 in a12nserver 0.23.0. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T18:31:12.000000Z"} 2023-01-13T18:31:12+00:00