XM^online 2 User Account and Authentication server 1.0.0 allows SQL injection via a tenant key.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xm-online | xm^online_2_user_account_and_authentication_server | 1.0.0 |
XM^online 2 Common Utils and Endpoints 0.2.1 allows SQL injection, related to Constants.java, DropSchemaResolver.java, and SchemaChangeResolver.java.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xm-online | xm^online_2_-_common_utils_and_endpoints | 0.2.1 |