CVE-2026-6093

Corteza contains a SQL injection vulnerability in its Microsoft SQL Server MSSQL backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8...

CVE-2026-6093

CVE-2026-6093 describes a SQL injection vulnerability in Corteza’s MSSQL backend, triggered when filtering Compose records by the meta field. The root cause is an incorrect T-SQL string escaping, affecting Corteza 2024.9.8. Exploit details and mitigations are not provided in the connected documen...

Corteza SQL注入漏洞

Corteza is an open-source low-code platform developed by the Corteza Project, designed for quickly building CRM, business processes, and structured data applications. The Corteza 2024.9.8 version contains a SQL injection vulnerability. This vulnerability arises from the SQL injection vulnerabilit...

PT-2026-39621

Name of the Vulnerable Software and Affected Versions Corteza version 2024.9.8 Description An issue exists in the Microsoft SQL Server MSSQL backend when filtering Compose records by the meta field, which allows for SQL injection. SQL injection is a type of flaw that enables an attacker to...