SQL Injection in Centralny Instytut Ochrony Pracy - Państwowy Badawczy Ster
CVE-2026-25606
A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as …
Vulnerability class: SQL Injection
EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)