Vulnerabilities

CVE-2024-47911

by Fred · 04/10/2024

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands.

More information : https://sonarsource.atlassian.net/browse/SONAR-22340

Similar

Tags: Cybersecurity Alert