CVE-2023-25197

CVE-2023-25197: apache fineract: SQL injection vulnerability in certain procedure calls

Vendor Apache Software Foundation

Product apache fineract

Weakness CWE-89 · SQLi

Published March 28, 2023

Last update October 23, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through 1.8.2.

Key dates

Disclosure timeline

March 28, 2023 CVE published

October 23, 2024 Record updated