CVE-2022-25490

HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.