SQL Injection in Qingdao Esoft Tianchuang Network Technology Co., Ltd. Zentao Biz

CVE-2022-4984

ZenTao Biz < 6.5, ZenTao Max < 3.0, ZenTao Open Source Edition < 16.5, and ZenTao Open Source Edition < 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account pa…

Vulnerability class: SQL Injection

EPSS: 0.004 (31.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References