CVE-2024-40456 Information

Description

ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \system\action\update.php.

Reference

https://www.notion.so/ThinkSAAS-administrator-backend-SQL-injection-3a5c8c72fc374446892f8dc81ec94923?pvs=4