2 matches found
CVE-2022-32456
The CVE-2022-32456 issue affects Digiwin BPM and is described across multiple sources as an unauthenticated SQL injection caused by insufficient validation of user input in a Digiwin BPM function. The vulnerability allows a remote attacker to inject arbitrary SQL commands to access, modify, delet...
CVE-2022-32456 Data Systems Consulting Co., Ltd. BPM - SQL Injection
Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service...