CVE-2022-35864
This CVE affects BMC Track-It! version 20.21.02.109. The vulnerability is an SQL injection in the GetPopupSubQueryDetails endpoint caused by insufficient validation of a user-supplied string used to build queries, enabling disclosure of stored credentials. Exploitation requires authentication. Pu...