An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
8.9 High
07/15/2021
Orion Platform 2020.2.5 HF1, 2020.2.6, 2019.4.2, 2019.2 HF4