CVE-2021-32953
CWE-89 SQL INJECTION:
An attacker could utilize SQL commands to create a new user in the system and update the user’s permissions, granting the attacker the ability to log in.
Risk Information
- CVE ID
- CVE-2021-32953
- Vendor
- MDT Software
- Product
- AutoSave
- CVSS v3
- 9.8