Exponent · Exponent CMS · CVE-2017-7991
**Name of the Vulnerable Software and Affected Versions**
Exponent CMS versions 2.4.1 and earlier
**Description**
This is a SQL injection vulnerability. It is reachable via a base64 serialized API key supplied in the `apikey` parameter to the `api` function of `framework/modules/eaas/controllers/eaasController.php`.
**Recommendations**
At the moment, there is no information about a newer version of Exponent CMS that contains a fix for this vulnerability, which affects versions 2.4.1 and earlier.
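The general mitigation for this class of flaw, as an added example that is not Exponent CMS code or a vendor patch: a base64-wrapped value has to be validated after decoding, because request-level filtering only sees the encoded form, and the lookup must use a bound parameter. The function names, the `api_clients` table and the key format (a PHP-serialized alphanumeric string) are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: decode an "apikey" request value and return it
// only if it is a plain alphanumeric string (assumed key format).
function decodeApiKey(string $param): ?string
{
    $raw = base64_decode($param, true);            // strict mode rejects non-base64 input
    if ($raw === false) {
        return null;
    }
    // Never instantiate objects from request data; accept scalars only.
    $value = @unserialize($raw, ['allowed_classes' => false]);
    if (!is_string($value) || !preg_match('/\A[A-Za-z0-9]{16,64}\z/', $value)) {
        return null;
    }
    return $value;
}

// Hypothetical lookup: the decoded key is bound, never concatenated into SQL.
function findClient(PDO $db, string $param): ?array
{
    $key = decodeApiKey($param);
    if ($key === null) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, name FROM api_clients WHERE apikey = :k');
    $stmt->execute([':k' => $key]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE api_clients (id INTEGER PRIMARY KEY, name TEXT, apikey TEXT)');
$db->exec("INSERT INTO api_clients (name, apikey) VALUES ('demo', 'A1b2C3d4E5f6G7h8')");

$samples = [
    'valid key'              => base64_encode(serialize('A1b2C3d4E5f6G7h8')),
    'quote in decoded value' => base64_encode(serialize("A1b2' OR '1'='1")),
    'serialized array'       => base64_encode(serialize(['A1b2C3d4E5f6G7h8'])),
    'not base64'             => '%%%',
];
foreach ($samples as $label => $param) {
    $row = findClient($db, $param);
    printf("%-24s => %s\n", $label, $row === null ? 'rejected' : 'client ' . $row['name']);
}
```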