CVE-2022-22149

Publication date

2022-04-14 19:56:40

Family

talos

State

PUBLISHED

Description

A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.