CVE-2023-49231
An authentication bypass affecting Stilog Visual Planning 8 (pre-build 240207) is documented. A wildcard injection inside a prepared SQL statement in the REST API v2.0 enabled attackers to exfiltrate the REST API key and obtain an administrative API token, granting unauthenticated admin access. T...