OpenForis Arena before 2019-05-07 allows SQL injection in the sorting feature.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected