CVE-2024-54258
CVSS 3.1 Score 8.5 of 10 (high)
Details
Published Dec 13, 2024
CWE ID 89
Summary
CVE-2024-54258 is an SQL Injection vulnerability affecting the anzia Ni CRM Lead software. The issue stems from improper neutralization of special elements in SQL commands, allowing unauthorized SQL injection. This vulnerability, present in versions from n/a to 1.3.0, poses a significant risk as an attacker can execute malicious SQL queries, potentially leading to data theft or system compromise. Users are advised to apply patches or upgrades as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share