Security Advisory

CVE-2021-28157

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-14 19:40:17
Last updated 2024-08-03 21:40:12
Assigner mitre
State PUBLISHED

Description

An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete.