CVE-2026-22196

Name of the Vulnerable Software and Affected Versions GestSup versions up to and including 3.2.56

Description GestSup versions up to and including 3.2.56 contain a SQL injection issue in the ticket creation functionality. User-controlled input during ticket creation is used in SQL queries without proper sanitization, potentially allowing an authenticated attacker to manipulate database queries. Successful exploitation could lead to unauthorized access or modification of database contents, depending on database privileges.

Recommendations Update GestSup to a version newer than 3.2.56.