VYPR
Unrated severityNVD Advisory· Published Mar 28, 2023· Updated Oct 23, 2024

Apache Fineract: SQL injection vulnerability

CVE-2023-25196

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache Fineract. Authorized users may be able to change or add data in certain components.

This issue affects Apache Fineract: from 1.4 through 1.8.2.

Affected products

2
  • Apache/Fineractllm-create2 versions
    >=1.4, <=1.8.2+ 1 more
    • (no CPE)range: >=1.4, <=1.8.2
    • (no CPE)range: 1.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.