CVE-2023-24840

Name of the Vulnerable Software and Affected Versions MailSherlock (affected versions not specified)

Description The issue is related to the lack of protection against SQL query structure exploitation in the email audit record platform. This can be exploited by a remote attacker to execute arbitrary SQL queries. An authenticated remote attacker with administrator privileges can inject SQL commands to read, modify, and delete the database due to insufficient validation of user input in the mail query function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.