Modern Campus · Modern Campus - Omni Cms · CVE-2022-40766
**Name of the Vulnerable Software and Affected Versions**
Modern Campus Omni CMS (formerly OU Campus) version 10.2.4
**Description**
The issue allows for SQL injection via a specific substring on the login page. This can be achieved by using a substring such as ' OR 1 = 1 -- - , <?php'.
**Recommendations**
For Modern Campus Omni CMS (formerly OU Campus) version 10.2.4, as a temporary workaround, consider restricting access to the login page until a patch is available. Avoid using the vulnerable login functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.