CVE-2021-32953

CWE-89 SQL INJECTION:
An attacker could utilize SQL commands to create a new user in the system and update the user’s permissions, granting the attacker the ability to log in.

Risk Information

  • CVE ID
  • CVE-2021-32953
  • Vendor
  • MDT Software
  • Product
  • AutoSave
  • CVSS v3
  • 9.8