Cisco DNA Spaces: Connector SQL Injection Vulnerability
A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries.
The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in … Read More here
Source:: Cisco Security Advisories