Simple Task Scheduling System suffers a critical flaw. Cybersecurity Help experts: It’s the CVE-2022-30927. An attacker could execute arbitrary SQL queries in database, gaining the complete control of the application

Simple Task Scheduling System suffers a dangerous critical vulnerability: the CVE-2022-30927. It has been denounced by Cybersecurity Help experts. The flaw exists due to insufficient sanitization of user-supplied data in the “id” parameter. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database. Successful exploitation of the vulnerability may allow a threat actor to read, delete, modify data in database and gain complete control over the affected application. At the moment, there is any official solution to address the flaw.