CVE-2026-25606

Vulnerability Description

A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any
other data that the application itself is able to access

This issue was fixed in version 9.5.

Vulnerability Details

Published Date

May 22, 2026

Last Modified

May 22, 2026

CWE ID

CWE-89

Source

NVD

Vendor

Centralny Instytut Ochrony Pracy - Państwowy Instytut Badawczy

Product

STER

External References

https://cert.pl/posts/2026/05/CVE-2026-25606
https://www.ciop.pl/CIOPPortalWAR/appmanager/ciop/pl?_nfpb=true&_pageLabel=P52000165211572544981480

CVE-2026-25606

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment