CVE-2026-22195

Name of the Vulnerable Software and Affected Versions GestSup versions up to and including 3.2.56

Description GestSup versions up to and including 3.2.56 contain a SQL injection issue in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization, allowing an authenticated attacker to manipulate database queries. Successful exploitation can result in unauthorized access to or modification of database contents depending on database privileges. The vulnerable component is the search bar. The input to the search bar, controlled by the user, is directly used in SQL queries without proper sanitization.

Recommendations Update GestSup to a version newer than 3.2.56.