This vulnerability arises from improper neutralization of special characters in SQL queries, allowing unauthenticated attackers to perform SQL injection attacks. Successful exploitation grants attackers unauthorized access to the backend database, exposing sensitive business and customer data. It can also lead to full system compromise in many deployment scenarios.
Remediation
Organizations running affected versions should immediately upgrade to version 4.5.001 or later. Restrict direct database access to only trusted IP addresses where possible. Monitor database query logs for unusual activity to detect early exploitation attempts.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.