Jm_Aparicio

Researcher from Tarlogic
#29290 of 53,635
8.8 Total CVSS
Vulnerabilities · 1
PT-2018-17748
8.8
2018-02-07
Saifor · Saifor Cvms Hub · CVE-2018-6792
**Name of the Vulnerable Software and Affected Versions**

Saifor CVMS HUB version 1.3.1

**Description**

The application allows an authenticated user to execute arbitrary SQL commands through several parameters of the `/cvms-hub/privado/seccionesmib/secciones.xhtml` page. In POST requests the injectable parameters are the datatable filter fields `j_idt118`, `j_idt120`, `j_idt122`, `j_idt124`, `j_idt126`, `j_idt128` and `j_idt130` under `formularioGestionarSecciones:tablaSeccionesMib:*:filter`; in GET requests it is the `nombreAgente` parameter. Exploitation requires valid credentials, but any authenticated user can reach the injection point, and the injected SQL runs with whatever database privileges the application holds.

**Recommendations**

No fixed version of Saifor CVMS HUB is known at the time of writing. Until the vendor ships a patch, restrict access to the `/cvms-hub/privado/seccionesmib/secciones.xhtml` endpoint (for example at the network or reverse-proxy layer) to the accounts that genuinely need it, and review who holds accounts on the system. Note that asking legitimate users not to submit the parameters listed above does not reduce the risk, because an attacker controls the requests they send; if the endpoint must remain reachable, filter or at least log requests in which those parameters carry SQL metacharacters (quotes, comment sequences, `UNION`), and treat such requests as exploitation attempts.
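The following script is an added illustration of the bug class described above; it is not code from Saifor CVMS HUB, whose source is not shown in this advisory. It models a datatable column filter (the role of the `j_idt*` filter fields and of `nombreAgente`) against a constructed in-memory SQLite table named `secciones`, with column names and rows invented for the example. The vulnerable function builds the query by string concatenation, so a filter value that closes the LIKE literal and appends a `UNION` pulls rows out of an unrelated table; the hardened function binds the filter as a parameter, escapes LIKE wildcards, and restricts the filterable column to an allowlist, since SQL identifiers cannot be bound.

```python
"""Added illustration of the SQL injection class behind CVE-2018-6792.

This is NOT code from Saifor CVMS HUB. The schema, column names and rows
below are constructed so the script runs offline against SQLite.
"""
import sqlite3

# Constructed stand-in for the MIB-sections table searched by the datatable filters.
SEED_ROWS = [
    (1, "cpu", "router-a"),
    (2, "memory", "router-a"),
    (3, "interfaces", "switch-b"),
]

# Allowlist mapping each filterable column to a SQL identifier. Identifiers cannot be
# bound as parameters, so the column name must never be taken from the request itself.
FILTER_COLUMNS = {"nombre": "nombre", "agente": "agente"}


def make_db():
    """Build the constructed schema plus a second table an attacker would go after."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE secciones (id INTEGER, nombre TEXT, agente TEXT)")
    conn.executemany("INSERT INTO secciones VALUES (?, ?, ?)", SEED_ROWS)
    conn.execute("CREATE TABLE usuarios (usuario TEXT, hash TEXT)")
    conn.execute("INSERT INTO usuarios VALUES ('admin', 'constructed-hash')")
    return conn


def filter_vulnerable(conn, filter_value):
    """The bug class: the per-column filter value is concatenated into the SQL text.

    A filter such as  x%' UNION SELECT ... --  closes the LIKE literal, appends an
    attacker-chosen query and comments out the trailing %' the code adds.
    """
    sql = ("SELECT id, nombre, agente FROM secciones "
           "WHERE nombre LIKE '%" + filter_value + "%'")
    return conn.execute(sql).fetchall()


def filter_safe(conn, column, filter_value):
    """Hardened form: allowlisted column, bound parameter, escaped LIKE wildcards."""
    if column not in FILTER_COLUMNS:
        raise ValueError("filter column not allowed: %r" % column)
    # Escape LIKE metacharacters so the user's filter matches literally, not as a pattern.
    escaped = (filter_value.replace("\\", "\\\\")
                           .replace("%", "\\%")
                           .replace("_", "\\_"))
    sql = ("SELECT id, nombre, agente FROM secciones "
           "WHERE %s LIKE ? ESCAPE '\\'" % FILTER_COLUMNS[column])
    return conn.execute(sql, ("%" + escaped + "%",)).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "x%' UNION SELECT 1, usuario, hash FROM usuarios --"
    print("vulnerable, benign filter  :", filter_vulnerable(db, "cpu"))
    print("vulnerable, injected filter:", filter_vulnerable(db, payload))
    print("safe, injected filter      :", filter_safe(db, "nombre", payload))
```

Run as-is, the vulnerable path returns the `usuarios` row for the injected filter while the hardened path returns nothing, because the payload is matched as a literal string. The same pattern (bind every value, allowlist every identifier) is the actual fix for this class of bug; endpoint restrictions and request filtering only buy time until the vendor applies it.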