CVE-2019-7755

Publication date

2020-03-30 16:49:28

Family

mitre

State

PUBLISHED

Description

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.