9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.0%
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php.
code.vtiger.com/vtiger/vtigercrm/-/blob/master/modules/Reports/ReportRun.php#L395
github.com/jselliott/CVE-2023-38891