CVE-2023-45674

Name of the Vulnerable Software and Affected Versions Farmbot-Web-App versions prior to 15.8.4

Description The Farmbot-Web-App, a web control interface for the Farmbot farm automation platform, contains an SQL injection vulnerability. This issue allows authenticated attackers to extract arbitrary data from its database, including the user table, potentially leading to Information Disclosure.

Recommendations For versions prior to 15.8.4, upgrade to version 15.8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the database to minimize the risk of exploitation. Avoid using the web app until the issue is resolved.