CVE-2026-4317 | Umami Software application 3.0.2 Request Parameter prisma.rawQuery/prisma.queryRawUnsafe sql injection

A vulnerability has been found in Umami Software application 3.0.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Request Parameter Handler. This manipulation of the argument prisma.rawQuery/prisma.queryRawUnsafe causes sql injection.

This vulnerability appears as CVE-2026-4317. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More