CVE-2024-22856

A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt