Response to Release Note Mention of SQL Injection Vulnerability
In the release notes for K1000 v6.3 there is mention of a known vulnerability issue that states, "Failure to properly escape the $_POST["cbox"] variable leaves Delete operations vulnerable to SQL injection exploits." This article aims to better explain this known issue and its impact.
Sign In Required
You need to be signed in and under a current maintenance contract to view premium knowledge articles.