Vulnerability in Apache Fineract

CVE-2018-11801

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table.

EPSS: 0.052 (91.4th percentile) — read the EPSS interpretation.

Affected products

Apache Fineract — versions Apache Fineract versions before 1.3.0 are affected

References

[fineract-dev] 20190509 [CVE-2018-11800] and [CVE-2018-11801] Apache Fineract SQL Injection Vulnerabilities fixed in v1.3.0 (mailing-list, x_refsource_MLIST)
[oss-security] 20190509 [CVE-2018-11800] and [CVE-2018-11801] Apache Fineract SQL Injection Vulnerabilities fixed in v1.3.0 (mailing-list, x_refsource_MLIST)
108291 (vdb-entry, x_refsource_BID)