CVE-2025-14694
CVE-2025-14694 affects ketr JEPaaS up to version 7.2.8. The vulnerability is in the readAllPostil function (/je/postil/postil/readAllPostil) where manipulating the keyWord parameter leads to SQL injection. Attack can be initiated remotely over the network; CVSS metrics indicate HIGH privileges ar...