CVE-2021-42369

Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of the Contact Manager web GUI. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt