Writer | Version | Last Updated |
---|---|---|
Nguyen Hong Phuc | The final | 08/01/2025 |
An issue was discovered in the Interllect Core Search in Polaris FT. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session.
Intellect Core Banking 9.5
Manipulate the input value sent to the database to execute SQLi with the command SLEEP(10).
OR