CVE-2024-47911 Information

Description

In SonarSource SonarQube 10.4 through 10.5 before 10.6 a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands.

Reference

https://sonarsource.atlassian.net/browse/SONAR-22340