CVE-2023-3449

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function actionExport of the file ?r=recruit/interview/export&interviews=x of the component Interview Management Export. The manipulation of the argument interviews leads to sql injection. T...

Sql injection

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function actionExport of the file ?r=recruit/interview/export&interviews=x of the component Interview Management Export. The manipulation of the argument interviews leads to sql injection. T...

CVE-2023-3449

CVE-2023-3449 affects IBOS OA 4.5.5, specifically the Interview Management Export component via actionExport in ?r=recruit/interview/export&interviews=x. The root cause is that manipulating the interviews parameter enables SQL injection. Public disclosures exist, vendor unresponsive. Connected so...

CVE-2023-3449 IBOS OA Interview Management Export export&interviews=x actionExport sql injection

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function actionExport of the file ?r=recruit/interview/export&interviews=x of the component Interview Management Export. The manipulation of the argument interviews leads to sql injection. T...