Threez

**Name of the Vulnerable Software and Affected Versions** CesiumLab Web versions prior to 4.1 **Description** A critical vulnerability exists in CesiumLab Web. The issue affects unknown code within the `/lodmodels/` file and allows for SQL injection through manipulation of the `ID` argument. This attack can be initiated remotely. The exploit has been publicly disclosed, and the vendor was informed but did not respond. **Recommendations** Update CesiumLab Web to version 4.1 or later.