CVE Published: 28/03/2023 |
CVE Updated: 23/10/2024 |
CVE Year: 2023 Source: apache |
Vendor: Apache Software Foundation |
Product: Apache Fineract Status : PUBLISHED
CVE-2023-25196 Description
Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Apache Software Foundation Apache Fineract.
Authorized users may be able to change or add data in certain components.
This issue affects Apache Fineract: from 1.4 through 1.8.2.
CWE-ID: CWE-89 CWE Name: CWE-89 Improper Neutralization of Special Elements used in an SQL Command (
SQL Injection
) Source: Apache Software Foundation
Common Attack Pattern Enumeration and Classification (CAPEC)