CVE-2023-6441

Summary

CVE-2023-6441 is a serious SQL Injection vulnerability affecting UNI-PA University Marketing & Computer Internet Trade Inc.'s University Information System. The issue arises from the improper neutralization of special elements used in SQL commands, allowing attackers to inject malicious code and potentially gain unauthorized access to sensitive data. This vulnerability, which affects all versions prior to 12.12.2023, poses a significant risk to the confidentiality and integrity of impacted systems. Successful exploitation could result in data theft, system damage, or unauthorized system access. Organizations using UNI-PA's University Information System are strongly advised to apply the necessary patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.