Testlink · Testlink · CVE-2018-7466
**Name of the Vulnerable Software and Affected Versions**
TestLink versions prior to 1.9.17
**Description**
The issue allows remote attackers to conduct injection attacks by providing a long, crafted value during the installation process, leveraging control over DB LOGIN NAMES data in the install/installNewDB.php file.
**Recommendations**
For TestLink versions prior to 1.9.17, update to version 1.9.17 or later to resolve the issue.