SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.
CPE | Name | Operator | Version |
---|---|---|---|
k2_blackpearl | eq | 4.6.7 | |
k2_for_sharepoint | eq | 4.6.7 | |
k2_smartforms | eq | 4.6.7 |