CVE-2023-53972

Name of the Vulnerable Software and Affected Versions WebTareas version 2.4

Description WebTareas 2.4 contains a SQL injection issue in the webTareasSID cookie parameter. This allows unauthenticated attackers to manipulate database queries. Attackers can use error-based and time-based blind SQL injection techniques to extract database information and potentially access sensitive system data. The webTareasSID parameter is susceptible to this manipulation.

Recommendations WebTareas version 2.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.