CVE-2019-19286

Name of the Vulnerable Software and Affected Versions XHQ versions prior to 6.1

Description A vulnerability has been identified in the web interface, which could allow SQL injection attacks if an attacker is able to modify the content of particular web pages.

Recommendations For versions prior to 6.1, update to version 6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation. Avoid using user-inputted data in SQL queries until the issue is resolved.