What is GHSA-6vwp-cg8j-vqgh?

GHSA-6vwp-cg8j-vqgh is a security advisory published by GitHub Security Advisories with High severity. A SQL injection vulnerability has been identified in STER. Improper neutralization of input...

Which CVE IDs does GHSA-6vwp-cg8j-vqgh cover?

GHSA-6vwp-cg8j-vqgh covers the following CVE IDs: CVE-2026-25606. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-6vwp-cg8j-vqghHigh

A SQL injection vulnerability has been identified in STER. Improper neutralization of input...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-25606 →

📋 Description

A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any other data that the application itself is able to access

This issue was fixed in version 9.5.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-25606
https://cert.pl/posts/2026/05/CVE-2026-25606
https://www.ciop.pl/CIOPPortalWAR/appmanager/ciop/pl?_nfpb=true&_pageLabel=P52000165211572544981480
https://github.com/advisories/GHSA-6vwp-cg8j-vqgh