2026-02-12 00:00:00
mitre
PUBLISHED
CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list query interface (/user/list) via the departmentIds parameter.