CVE-2023-36652

Published: 2023-12-12T01:15Z

Last Modified: 2024-11-21T08:10Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt