CVE-2017-8015
EMC AppSync (pre-3.5) contains an SQL injection in the Apollo REST services. The flaw arises when parsing a user-supplied string to build SQL queries, enabling information disclosure on vulnerable installations. The vulnerability allows remote attackers to disclose sensitive data; authentication ...