CVE-2023-24684 Information

Description

ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php.

Reference

https://github.com/ChurchCRM/CRM http://churchcrm.io/ https://github.com/blakduk/Advisories/blob/main/ChurchCRM/README.md