CVE-2024-8972
CVE-2024-8972
9.8
CriticalPublished:
Last updated:
Source:iletisim@usom.gov.tr
Deferred
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection. This issue affects Saha365 App: before 30.09.2024.
References
iletisim@usom.gov.tr
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1890iletisim@usom.gov.tr
https://www.usom.gov.tr/bildirim/tr-24-1890