CVE-2024-28094 Information

Description

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read modify and delete database records.

Reference

https://www.themissinglink.com.au/security-advisories/cve-2024-28094 https://schoolbox.education/