CVE-2023-23634 · Vexday

CVE-2023-23634

EPSS 1.1%

SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://herolab.usd.de/en/security-advisories/usd-2022-0066/