Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25197

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through 1.8.2.

Published

2023-03-28T12:15:07.430

Last Modified

2024-11-21T07:49:17.910

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	fineract	≤ 1.8.2	Yes

References

https://lists.apache.org/thread/v0q9x86sx6f6l2nzr1z0nwm3y9qlng04 Mailing List, Vendor Advisory ([email protected])
https://lists.apache.org/thread/v0q9x86sx6f6l2nzr1z0nwm3y9qlng04 Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)