CVE-2024-4893 [CRITICAL] :

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands.

Sysdig Blog

blog

Expert insight, best practices, and advice on Secure DevOps, security for containers, Kubernetes, and cloud services. Review Sysdig blog posts today!

https://sysdig.com/blog/

Listed: Sat May 18 2024