CVE-2023-6097 Information

Description

A SQL injection vulnerability has been found in ICS Business Manager affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted causing the application to malfunction.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-icssolution-ics-business-manager