A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation.
from Pocket https://ift.tt/38Bhz2b
via IFTTT
No comments:
Post a Comment