CVE-2025-51506
The CVE-2025-51506 affects HRForecast Suite 0.4.3, specifically the smartLibrary component. A SQL injection flaw resides in the valueKey parameter used by the API endpoint /api/smartlibrary/v2/en/dictionaries/options/lookup, enabling any authenticated user to craft payloads that execute arbitrary...