CVE-2025-39479

Name of the Vulnerable Software and Affected Versions Smart Notification versions n/a through 10.3

Description The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows an attacker to inject malicious SQL code.

Recommendations For Smart Notification versions n/a through 10.3, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.