Unauthenticated SQL Injection Vulnerability in KOHA Library Automation System

CVE-2022-0495 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.