PT-2022-11907 · Odyssey · Odyssey

Published: 2022-08-25 · Updated: 2022-10-14 · CVE-2021-43766

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Odyssey (affected versions not specified)
Description: The issue allows a man-in-the-middle attacker to inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This occurs when Odyssey is configured to use the certificate Common Name for client authentication.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

CVE-2021-43766

Affected Products

Odyssey