2 matches found
CVE-2021-43971
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter...
CVE-2021-43971
CVE-2021-43971 is a SQL injection vulnerability in SysAid ITIL, affecting SysAid ITIL 20.4.74 b10. The issue is exploitable via the filterText parameter in /mobile/SelectUsers.jsp, allowing a remote authenticated attacker to execute arbitrary SQL commands. The connected documents confirm the aff...