PT-2020-13602 · Processmaker · Processmaker
Name of the Vulnerable Software and Affected Versions: ProcessMaker version 3.4.11 Description: The sort parameter in the download page "/sysworkflow/en/neoclassic/reportTables/reportTables Ajax" is vulnerable to SQL injection. A specially crafted HTTP request can cause an SQL injection. An...