PT-2019-14957 · Wikid · Wikid 2Fa Enterprise Server

Published: 2019-10-17 · Updated: 2019-10-22 · CVE-2019-17119

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: WiKID 2FA Enterprise Server versions through 4.2.0-b2053

Description: The issue allows authenticated users to execute arbitrary SQL commands via the source or subString parameter in Logs.jsp. This can lead to unauthorized data access and manipulation.

Recommendations: For versions through 4.2.0-b2053, update to a version that contains a fix for this issue to prevent SQL injection attacks. As a temporary workaround, consider restricting access to the Logs.jsp page and limiting the use of the source and subString parameters until a patch is available.

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2019-17119

Affected Products

Wikid 2Fa Enterprise Server