Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5.
Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
Metrics
Affected Vendors & Products
References
History
Thu, 13 Feb 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue. | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue. |
Title | Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. | Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. |
Thu, 12 Dec 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache fineract |
|
CPEs | cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apache
Apache fineract |

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-02-13T17:39:46.405Z
Reserved: 2024-01-18T05:12:01.266Z
Link: CVE-2024-23539

Updated: 2024-08-01T23:06:25.209Z

Status : Modified
Published: 2024-03-29T15:15:10.803
Modified: 2025-02-13T18:17:03.417
Link: CVE-2024-23539

No data.

No data.