FI-2024-010 - SQL Injection in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)
Severity
High
Published Date
27-Aug-2024
Updated Date
27-Aug-2024
Vulnerabilities
CVE-2024-6632
Notes
Description
A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability.
Vulnerabilities
References
Acknowledgements
Fortra would like to thank the following individuals:
- Dynatrace Security Research