Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-56703
HistoryJul 08, 2022 - 12:00 a.m.

Agile Point SQL Injection Vulnerability

2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
41

0.001 Low

EPSS

Percentile

42.8%

Agile Point is a SQL injection vulnerability in Agile Point, a US-based company used to automate business processes and workflows, and build custom applications, portals, and SaaS solutions. The vulnerability stems from a lack of validation of external input SQL statements in the EncodedData parameter of the AgilePointServer/Extension/FetchUsingEncodedData function. An attacker could exploit this vulnerability to perform SQL injection attacks.

CPENameOperatorVersion
agile point agile point <veq8.0

0.001 Low

EPSS

Percentile

42.8%

Related for CNVD-2022-56703