1 matches found
CVE-2026-28443
OpenReplay is a self-hosted session replay suite. Prior to version 1.20.0, the POST /projectId/cards/search endpoint has a SQL injection in the sort.field parameter. This issue has been patched in version 1.20.0...