Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal.
CPE | Name | Operator | Version |
---|---|---|---|
snow_license_manager | ge | 8.0.0 | |
snow_license_manager | le | 9.30.1 |