CVE-2024-43415 – “Decidim Awesome Module SQL Injection”

CVE ID : CVE-2024-43415

Published : Nov. 12, 2024, 4:15 p.m. | 1 hour ago

Description : An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module 0.9.0) allows an authenticated admin user to manipulate sql queries to disclose information, read and write files or execute commands.

Severity: 9.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-43415 – “Decidim Awesome Module SQL Injection”