CVE-2022-32456

Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt