PT-2023-25007 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue was found in the actionEdit function of the ?r=dashboard/roleadmin/edit&op=member endpoint, part of the Add User Handler component. The manipulation of the id argument leads to SQL injection...