CVE-2021-43481

Name of the Vulnerable Software and Affected Versions Webtareas versions 2.4p3 and earlier

Description An SQL Injection issue exists via the $uq HTTP POST parameter in editapprovalstage.php. This allows for potential exploitation.

Recommendations For versions 2.4p3 and earlier, consider restricting access to the editapprovalstage.php endpoint until a fix is available. As a temporary workaround, avoid using the $uq parameter in the affected HTTP POST requests to minimize the risk of exploitation.