SQL Injection Vulnerability in it-novum openITCOCKPIT 4.6.4

SQL Injection Vulnerability in it-novum openITCOCKPIT 4.6.4

CVE-2023-36663 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.