GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-02-27