Headline
CVE-2023-24685: GitHub - ChurchCRM/CRM: ChurchCRM is an OpenSource Church CRM & Management Software.
ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module.
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Related news
ChurchCRM 4.5.3 SQL Injection
ChurchCRM versions 4.5.3 and below suffer from a remote SQL injection vulnerability.