CVE-2023-39122 Information

Description

BMC Control-M Software v9.0.20.200 was discovered to contain a SQL injection vulnerability via the report-id parameter at /report/deleteReport.

Reference

https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection