Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2
Summary A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the Alerts controller, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Impact Authenticated users can extract arbitrary...