GHSA-wvpj-mf49-p9p4CriticalCVSS 9.8
OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username...
🔗 CVE IDs covered (1)
📋 Description
OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticated remote attacker to bypass authentication and log in as an administrator without supplying a valid password.