SQL Injection Vulnerability in Devolutions Server 2022.3.12 and Earlier

SQL Injection Vulnerability in Devolutions Server 2022.3.12 and Earlier

CVE-2023-0953 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.