Wolters Kluwer · Wolters Kluwer B.Point · CVE-2023-49328
**Name of the Vulnerable Software and Affected Versions**
Wolters Kluwer B.POINT version 23.70.00
**Description**
The issue allows a validated system user to achieve remote code execution via Argument Injection in the server-to-server module during the authentication phase.
**Recommendations**
For version 23.70.00, consider restricting access to the server-to-server module to minimize the risk of exploitation until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.