• caglararli@hotmail.com
  • 05386281520

CVE-2024-24110 | crmeb_java up to 1.3.3 GET Request /api/front/spread/people sql injection

Çağlar Arlı      -    16 Views

CVE-2024-24110 | crmeb_java up to 1.3.3 GET Request /api/front/spread/people sql injection

A vulnerability was found in crmeb_java up to 1.3.3. It has been declared as critical. This vulnerability affects unknown code of the file /api/front/spread/people of the component GET Request Handler. The manipulation leads to sql injection. This vulnerability was named CVE-2024-24110. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.