Vulnerability Details CVE-2024-38889
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-38889
-
cpe:2.3:a:horizoncloud:caterease:16.0.1.1663
-
cpe:2.3:a:horizoncloud:caterease:24.0.1.2405