CVE-2023-49954 Information

Description

The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name search string or email address.

Reference

https://cve-2023-49954.github.io/