Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
June 26, 2024 at 01:04PM Fortra FileCatalyst Workflow has a critical SQL injection vulnerability (CVE-2024-5276) discovered by Tenable researchers. It allows remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. Exploitation requires enabled anonymous access on the target instance. A public exploit is available, and fixes are provided in … Read more