Stackideas · Easydiscuss · CVE-2023-51810
**Name of the Vulnerable Software and Affected Versions**
StackIdeas EasyDiscuss versions 5.0.5 through 5.0.9
**Description**
A SQL injection issue allows a remote attacker to obtain sensitive information via a crafted request to the `search` parameter in the Users module.
**Recommendations**
For versions 5.0.5 through 5.0.9, update to version 5.0.10 to resolve the issue.
As a temporary workaround, consider restricting access to the Users module or disabling the search functionality until a patch is applied.