A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the ‘par_year’ parameter when running a report.

By admin