8May
CVE-2024-25518 | RuvarOA 6.01/12.01 wf_get_fields_approve.aspx template_id sql injection
A vulnerability classified as critical was found in RuvarOA 6.01/12.01. This vulnerability affects unknown code of the file /WorkFlow/wf_get_fields_approve.aspx. The manipulation of the argument template_id leads to sql injection. This vulnerability was named CVE-2024-25518. The attack can be initiated remotely. There is no exploit available.