CVE-2019-25359

Name of the Vulnerable Software and Affected Versions SD.NET RIM versions prior to 4.7.3c

Description The software contains a SQL injection issue that allows attackers to inject malicious SQL statements. Attackers can exploit this by sending specially crafted POST requests to the /vorlagen/ endpoint through the idtyp and idgremium parameters, potentially leading to unauthorized database manipulation and information disclosure.

Recommendations Update SD.NET RIM to version 4.7.3c or later.