CVE-2019-15567

OpenForis Arena before 2019-05-07 allows SQL injection in the sorting feature.