VYPR
Unrated severityNVD Advisory· Published Mar 29, 2024· Updated Feb 13, 2025

Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries.

CVE-2024-23539

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5.

Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Apache/Fineractllm-fuzzy2 versions
    <1.8.5+ 1 more
    • (no CPE)range: <1.8.5
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.