โ† Back to Dashboard

CVE-2026-49490

HIGH NVD
CVSS Score
8.1
Severity
HIGH
Source
NVD
Published
May 31, 2026
Description

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by manipulating filter requests to execute arbitrary SQL queries against the database.

View Full Details โ† Back