3 matches found
CVE-2022-30619
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
CVE-2022-30619 Agile Point - Agile Point NX SQL injection (SQLi)
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
CVE-2022-30619
The CVE is for Agile Point: SQL injection via lack of validation of EncodedData in AgilePointServer/Extension/FetchUsingEncodedData. The issue involves Editable SQL Queries encoded in Base64 sent from client to server, exploitable by any authenticated user through the EncodedData parameter. Impac...