CVE-2023-24220 Information

Description

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml.

Reference

https://github.com/seagull1985/LuckyFrameWeb/issues/22