Security Advisory

CVE-2024-44903

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-25 00:00:00

Last updated 2025-03-25 13:23:08

Assigner mitre

State PUBLISHED

Description

SQL Injection can occur in the SirsiDynix Horizon Information Portal (IPAC20) through 3.25_9382; however, a patch is available from the vendor. This is in ipac.jsp in a SELECT WHERE statement, in a part of the uri= variable in the second part of the full= inner variable.

← Browse all CVEs View on cve.org ↗