CVE-2024-9968

Name of the Vulnerable Software and Affected Versions WebEIP version 3.0

Description The issue concerns a lack of proper validation of user input, allowing remote attackers with regular privilege to inject SQL commands and potentially read, modify, or delete data stored in the database. The affected product is no longer maintained.

Recommendations As a temporary workaround, consider restricting access to the database until a patch is available. Upgrade to a supported version for enhanced security. At the moment, there is no information about a newer version that contains a fix for this vulnerability.