CVE-2023-24219 Information

Description

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml.

Reference

https://github.com/seagull1985/LuckyFrameWeb/issues/24