CVE-2024-30241

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Mar 28, 2024
CWE ID 89

Summary

CVE-2024-30241 is an SQL injection vulnerability affecting Metagauss ProfileGrid. The flaw occurs due to improper neutralization of special elements in SQL commands. This issue puts versions of ProfileGrid from n/a to 5.7.1 at risk. An attacker can exploit this vulnerability to execute malicious SQL commands, potentially leading to unauthorized access, data leakage, or system damage. Users are advised to update their software as soon as a patch is available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share