11Şub
CVE-2024-25722 | QAnything up to 1.1.x mysql_client.py sql injection
A vulnerability was found in QAnything up to 1.1.x. It has been rated as critical. This issue affects some unknown processing of the file qanything_kernel/connector/database/mysql/mysql_client.py. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-25722. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.