CVE-2022-31325 Information

Description

There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the ‘PersonID’ field in /churchcrm/WhyCameEditor.php.

Reference

https://github.com/ChurchCRM/CRM/issues/6005