PT-2022-27977 · Trueconf · Trueconf Server

Андрей Ситников +2 · Published 2022-11-28 · Updated 2026-02-09 · CVE-2022-46763

CVSS v2.0

9.0 High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

TrueConf Server version 5.2.0.10225

Description

A SQL injection issue in a database stored function allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code.

Recommendations

For TrueConf Server version 5.2.0.10225, consider restricting database access to prevent low-privileged users from executing arbitrary SQL commands until a patch is available. As a temporary workaround, limit the privileges of the database user to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2026-04605
CVE-2022-46763

Affected Products

Trueconf Server