PT-2023-26792 · Bmc · Bmc Control-M
Name of the Vulnerable Software and Affected Versions: BMC Control-M versions prior to 9.0.21 BMC Control-M version 9.0.20.200 Description: The issue allows SQL injection via the "/RF-Server/report/deleteReport" API endpoint, specifically through the report-id parameter. Recommendations: For BMC...