13Şub
CVE-2024-23763 | Gambio up to 4.9.2.0 GET Request modifiers[attribute][] sql injection (usd-2023-0047)
A vulnerability was found in Gambio up to 4.9.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GET Request Handler. The manipulation of the argument modifiers[attribute][] leads to sql injection. This vulnerability is known as CVE-2024-23763. The attack needs to be approached within the local network. There is no exploit available.