CVE-2026-22197

Name of the Vulnerable Software and Affected Versions GestSup versions up to and including 3.2.56

Description GestSup versions up to and including 3.2.56 have multiple SQL injection flaws in the asset list functionality. Request parameters used to filter, search, or sort assets are included in SQL queries without proper sanitization. A successful attack by an authenticated user could lead to unauthorized access or modification of database contents, depending on database permissions.

Recommendations Update GestSup to a version newer than 3.2.56.