PT-2023-24197 · Xibo · Xibo

Name of the Vulnerable Software and Affected Versions: Xibo versions 3.2.0 through 3.3.2 Description: A SQL injection issue was discovered in the /display/map API route, allowing an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values into the bounds...