CVE-2022-43437

CVE-2022-43437

The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database.

Source: CVE-2022-43437