2021-05-26 11:58:21
mitre
PUBLISHED
Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API.