SQL-Injection Vulnerability in OAKlouds Portal's Meeting Room

SQL-Injection Vulnerability in OAKlouds Portal's Meeting Room

CVE-2022-38118 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.