← Back to CVE List

CVE-2020-15887

Published: 2020-07-23T14:15Z
Last Modified: 2024-11-21T05:06Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/ endpoint. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt