CVE-2023-4671

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile37.76th

PublishedDec 28, 2023

Last ModifiedMay 21, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection. This issue affects ECOP: before 32255.

Affected Platforms (CPE)

📦

Talentyazilim

Ecop

= 32255

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0737

🔗 https://www.usom.gov.tr/bildirim/tr-23-0737

Related Vulnerabilities

CVE-2023-46726.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows ...

CVE-2023-09399.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies...

CVE-2023-11149.8

Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation. This issue affects e-Belediye: from 1.0.0...

CVE-2023-08399.8

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co. InSCADA allows Account Footp...