CVE-2026-9524 | xianrendzw EasyReport up to 2.0.17.0522_Beta REST Endpoint execute reportParams sql injection

A vulnerability, which was classified as critical, was found in xianrendzw EasyReport up to 2.0.17.0522_Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection.

This vulnerability is tracked as CVE-2026-9524. The attack can be launched remotely. No exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More