Vulnerabilities > Odyssey Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-25	CVE-2021-43766	Improper Certificate Validation vulnerability in Odyssey Project Odyssey 1.1 Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. network high complexity odyssey-project CWE-295	8.1

Vulnerabilities > Odyssey Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Odyssey Project"}]}