SQL Injection in Soplanning

CVE-2026-50644

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parameters_all rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the au…

Vulnerability class: SQL Injection

Affected products

Weakness classification (CWE)

References