CVE-2024-28094

CVE-2024-28094 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.