SQL Injection Vulnerability in Yonyou TurboCRM Affects Sensitive Data Security
CVE-2021-41746
7.5HIGH
What is CVE-2021-41746?
A SQL Injection vulnerability has been identified in Yonyou TurboCRM, allowing attackers to exploit the 'orgcode' parameter in the 'changepswd.php' file. This security flaw could enable unauthorized access to sensitive database information, raising concerns about data integrity and confidentiality. Proper remediation is critical to safeguard against potential exploitation and protect valuable data assets.