CVE-2021-4298
CVE-2021-4298 affects Hesburgh Libraries of Notre Dame Sipity. The vulnerability is a SQL injection in the function SearchCriteriaForWorksParameter (file: app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb). Root cause: improper handling of input in the parameter logic leadin...