CVE-2023-23634

Publication date

2023-12-29 00:00:00

Family

mitre

State

PUBLISHED

Description

SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint.