VYPR
Unrated severityNVD Advisory· Published Mar 28, 2023· Updated Oct 23, 2024

apache fineract: SQL injection vulnerability in certain procedure calls

CVE-2023-25197

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components.

This issue affects apache fineract: from 1.4 through 1.8.2.

Affected products

2
  • Apache/Fineractllm-fuzzy2 versions
    >=1.4, <=1.8.2+ 1 more
    • (no CPE)range: >=1.4, <=1.8.2
    • (no CPE)range: 1.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.