Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5.
Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
References
| Link | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2024/03/29/3 | Mailing List |
| https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report | Vendor Advisory |
| https://lists.apache.org/thread/g8sv1gnjv716lx2h89jbvjdgtrrjmy7h | Mailing List Vendor Advisory |
| http://www.openwall.com/lists/oss-security/2024/03/29/3 | Mailing List |
| https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report | Vendor Advisory |
| https://lists.apache.org/thread/g8sv1gnjv716lx2h89jbvjdgtrrjmy7h | Mailing List Vendor Advisory |
Configurations
History
13 Feb 2025, 18:17
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue. |
12 Dec 2024, 18:09
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apache
Apache fineract |
|
| CPE | cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:* | |
| References | () http://www.openwall.com/lists/oss-security/2024/03/29/3 - Mailing List | |
| References | () https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report - Vendor Advisory | |
| References | () https://lists.apache.org/thread/g8sv1gnjv716lx2h89jbvjdgtrrjmy7h - Mailing List, Vendor Advisory |
Information
Published : 2024-03-29 15:15
Updated : 2025-02-13 18:17
NVD link : CVE-2024-23539
Mitre link : CVE-2024-23539
CVE.ORG link : CVE-2024-23539
JSON object : View
Products Affected
apache
- fineract
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')