Blind SQL Injection Vulnerability in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24

Blind SQL Injection Vulnerability in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24

CVE-2020-24569 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.