CVE-2021-43361

CRITICAL

MedData HBYS < 1.1 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1.

References (1)

Core 1
Core References

Scores

CVSS v3 9.9
EPSS 0.0060
EPSS Percentile 44.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
meddata/hbys < 1.1
Published Nov 16, 2021
Tracked Since Feb 18, 2026