Severity : High
CVE ID : CVE-2022-47523
An SQL Injection vulnerability (CVE-2022-47523) was discovered in Password Manager Pro, PAM360 and Access Manager Plus. We have fixed this issue by adding proper validation and escaping special characters.
|Product Name||Affected Version(s)||Fixed Version(s)||Fixed On|
|Password Manager Pro||12200 and below||12210||30-12-2022|
|PAM360||5800 and below||5801||28-12-2022|
|Access Manager Plus||4308 and below||4309||29-12-2022|
Given the severity of this vulnerability, customers are strongly advised to upgrade to the latest build of PAM360, Password Manager Pro and Access Manager Plus immediately.
This vulnerability can allow an adversary to execute custom queries, and access the database table entries using the vulnerable request.
Please contact the product support for further details at the below mentioned email addresses:
Password Manager Pro: email@example.com
Access Manager Plus: firstname.lastname@example.org