CVE-2023-24221 Information

Description

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml.

Reference

https://github.com/seagull1985/LuckyFrameWeb/issues/23