CVE Published: 17/10/2024 |
CVE Updated: 17/10/2024 |
CVE Year: 2024 Source: Patchstack |
Vendor: Zoho CRM |
Product: Zoho CRM Lead Magnet Status : PUBLISHED
CVE-2024-49297 Description
Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows SQL Injection.This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.9.0.
Metrics
CVSS Version: 3.1 |
Base Score: 8.5 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L