PT-2023-4659 · Unknown · Mxsecurity

Noam Moshe · Published 2023-08-08 · Updated 2023-09-22 · CVE-2023-39980

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

MXsecurity versions prior to v1.0.1

Description

A vulnerability has been identified that allows the unauthorized disclosure of authenticated information. This issue arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands and potentially execute arbitrary commands, leading to unauthorized access to protected information.

Recommendations

For MXsecurity versions prior to v1.0.1, update to version v1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to SQL commands to minimize the risk of exploitation. Additionally, ensure that all special elements are properly neutralized to prevent remote attackers from altering SQL commands.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2023-05072
CVE-2023-39980

Affected Products

Mxsecurity