CVE-2024-12016

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection.This issue affects CM News: through 6.0. NOTE: The vendor was contacted and it was learned that the product is not supported. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt