CVE-2023-47609 Information

Description

SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request.

Reference

https://oss-calendar.com/news/20231113/ https://jvn.jp/en/jp/JVN67822421/