SQL Injection in Progress Software Flowmon Ads
CVE-2026-9272
In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System (ADS) may send specially crafted requests that could res…
Vulnerability class: SQL Injection
Affected products
- Progress Software Flowmon Ads — versions Flowmon ADS 12 versions prior to 12.5.6, Flowmon ADS 13 versions prior to 13.0.5
Weakness classification (CWE)
References
- security@progress.com (vendor-advisory)