2025-01-16 00:00:00
mitre
PUBLISHED
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component apply/save#oaContractApply.id.