CVE-2025-1389

Publication date

2025-02-17 04:15:08

Family

twcert

State

PUBLISHED

Description

Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents.