CVE-2023-47219

Name of the Vulnerable Software and Affected Versions QuMagie versions prior to 2.2.1

Description A SQL injection issue has been reported, potentially allowing authenticated users to inject malicious code via a network. This could be exploited by a remote attacker to execute arbitrary code. The vulnerability is related to the lack of protection measures for the SQL query structure.

Recommendations For versions prior to 2.2.1, update to QuMagie 2.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SQL query functionality until the update is applied.