The vulnerability of the setTermsHashAction method in the component /opt/webapp/lib/PureApi/CCApi.class.php allows a violator to execute arbitrary SQL queries within the GTB Central Console’s DLP system.
The vulnerability of the setTermsHashAction method in the /opt/webapp/lib/PureApi/CCApi.class.php file of the DLP system’s GTB Central Console relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL...