OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-05-14T00:30:14
Updated: 2024-08-03T04:20:50.506Z
Reserved: 2022-02-10T00:00:00
Link: CVE-2022-24831
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-14T01:15:06.847
Modified: 2022-05-24T16:53:00.667
Link: CVE-2022-24831
Redhat
No data.