SQL Injection Vulnerability in Soar Cloud System's HR Portal

SQL Injection Vulnerability in Soar Cloud System's HR Portal

CVE-2021-22854 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.