SQL Injection in Orion Platform 

(CVE-2022-36961)

Summary

A component of Orion Platform was found to be vulnerable to SQL Injection attacks. An authenticated attacker could leverage this for privilege escalation or remote code execution.

Affected Products

  • Orion Platform 2022.2 and earlier

Fixed Software Release

Advisory Details

Severity

8.0 High

Advisory ID

First Published

09/28/2022