VYPR
Critical severity9.8NVD Advisory· Published Aug 30, 2021· Updated Jun 17, 2026

CVE-2021-37749

CVE-2021-37749

Description

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.