CVE-2024-40614 Information

Description

EGroupware before 23.1.20240624 mishandles an ORDER BY clause.

Reference

https://syss.de https://github.com/EGroupware/egroupware/releases/tag/23.1.20240624 https://help.egroupware.org/t/egroupware-maintenance-security-release-23-1-20240624/78438 https://github.com/EGroupware/egroupware/compare/23.1.20240430…23.1.20240624 https://github.com/EGroupware/egroupware/commit/553829d30cc2ccdc0e5a8c5a0e16fa03a3399a3f