PT-2024-29831 · Magarsus Consultancy · Magarsus Consultancy Sso

Published: 2024-06-26 · Updated: 2024-06-27 · CVE-2024-4228

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Magarsus Consultancy SSO versions 1.0 through 1.1
Description: The issue is related to SQL Injection, which allows for the exposure of sensitive information to unauthorized actors and insufficiently protected credentials. This is due to the improper neutralization of special elements used in an SQL command.
Recommendations: For versions 1.0 through 1.1, update to version 1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and credentials to minimize the risk of exploitation.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2024-4228

Affected Products

Magarsus Consultancy Sso