PT-2026-1877 · Unknown+1 · Tim Bpm Suite+1
Published
2026-01-09
·
Updated
2026-01-09
·
CVE-2025-67281
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
TIM BPM Suite/ TIM FLOW versions through 9.1.2
Description
The software contains multiple SQL injection flaws that could allow both low-privileged and administrative users to access the database and its contents.
Recommendations
Versions prior to 9.1.2 are affected.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tim Bpm Suite
Tim Flow