Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
07 July 2023
Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities.
The identified SQL injection vulnerability, tagged as CVE-2023-36934, could potentially allow unauthenticated attackers to gain unauthorized