CVE-2022-32456

Name of the Vulnerable Software and Affected Versions Digiwin BPM (affected versions not specified)

Description The issue is related to insufficient validation for user input in a function of Digiwin BPM. This allows an unauthenticated remote attacker to inject arbitrary SQL commands, potentially accessing, modifying, or deleting the database, or disrupting the service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.