
Matthew Gardner
Articles
-
Aug 27, 2024 |
dynatrace.com | Matthew Gardner |Sydney Reynolds |Nirmeet Bhogill |Robin Wyss
Following Tenable Research’s disclosure of a critical SQL injection vulnerability in FileCatalyst Workflow in May 2024, further investigation by Dynatrace revealed another SQL injection vulnerability. The vulnerability, identified as CVE-2024-6632, allows the abuse of a form submission during the setup process to make unauthorized modifications of the database. So far, the vulnerability only appears to be exploitable by an authenticated user during the setup process.
Try JournoFinder For Free
Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.
Start Your 7-Day Free Trial →