CVE-2025-6766
CVE-2025-6766 affects sfturing hosp_order (up to commit 627f426331da8086ce8fff2017d65b1ddef384f8). The vulnerability lies in OfficeServiceImpl.java:getOfficeName, where manipulation of the officesName argument enables SQL injection. Attacks can be initiated remotely, and public disclosure suggest...