CVE-2022-38538 Information

Description

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.

Reference

https://github.com/hhyo/Archery/blob/v1.8.5/sql/urls.py#L145 https://github.com/hhyo/Archery/blob/v1.8.5/sql/urls.py#L145