CVE-2024-44903
SQL Injection can occur in the SirsiDynix Horizon Information Portal IPAC20 through 3.259382; however, a patch is available from the vendor. This is in ipac.jsp in a SELECT WHERE statement, in a part of the uri= variable in the second part of the full= inner variable...