CVE-2024-42844

A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanitized user input fields to obtain unauthorized information > MITRE Terms of Use apply – see LICENSE‑MITRE.txt