CVE-2023-47438: SQL Injection vulnerability in Reportico Till

March 28, 2024 (updated September 4, 2024)

SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information or other system information via the project parameter.

References

github.com/advisories/GHSA-jjf4-959w-f545
github.com/reportico-web/reportico
github.com/reportico-web/reportico/issues/52
nvd.nist.gov/vuln/detail/CVE-2023-47438

Detect and mitigate CVE-2023-47438 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →