Agile Point is a SQL injection vulnerability in Agile Point, a US-based company used to automate business processes and workflows, and build custom applications, portals, and SaaS solutions. The vulnerability stems from a lack of validation of external input SQL statements in the EncodedData parameter of the AgilePointServer/Extension/FetchUsingEncodedData function. An attacker could exploit this vulnerability to perform SQL injection attacks.
CPE | Name | Operator | Version |
---|---|---|---|
agile point agile point <v | eq | 8.0 |