CVE-2019-4483
Affected products: IBM Contract Management and IBM Emptoris Spend Analysis, versions 10.1.0–10.1.3. The issue is an SQL injection that allows a remote attacker to view, add, modify, or delete data in the back-end database by sending specially crafted SQL statements. Root cause: improper handling ...