CVE-2025-48701 Information

Description

openDCIM through 23.04 allows SQL injection in people_depts.php because prepared statements are not used.

Reference

https://github.com/opendcim/openDCIM/issues/1601