CVE-2023-48029

Name of the Vulnerable Software and Affected Versions Corebos versions 8.0 and below

Description The issue allows an attacker with low privileges to inject a malicious command into a table, which is then executed when an administrator exports the data to a CSV file and opens it, potentially leading to the execution of a malicious payload on the administrator's computer. This occurs when the administrator visits the user management section.

Recommendations For Corebos versions 8.0 and below, at the moment, there is no information about a newer version that contains a fix for this vulnerability.