Behrad Taher

**Name of the Vulnerable Software and Affected Versions** Webtareas versions 2.4p3 and earlier **Description** An SQL Injection issue exists via the `$uq` HTTP POST parameter in `editapprovalstage.php`. This allows for potential exploitation. **Recommendations** For versions 2.4p3 and earlier, consider restricting access to the `editapprovalstage.php` endpoint until a fix is available. As a temporary workaround, avoid using the `$uq` parameter in the affected HTTP POST requests to minimize the risk of exploitation.