First published: Tue Mar 28 2023(Updated: )
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through 1.8.2.
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Fineract | >=1.4.0<=1.8.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-25197.
The title of the vulnerability is 'Improper Neutralization of Special Elements used in an SQL Command ( SQL Injection ) vulnerability in Apache Software Foundation apache fineract.'
The affected software is Apache Fineract versions 1.4 through 1.8.2.
The severity of CVE-2023-25197 is medium with a CVSS score of 6.3.
To fix CVE-2023-25197, update Apache Fineract to a version higher than 1.8.2.