SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 65.1%