Tag
A SQL injection vulnerability exists in LORIS versions prior to 27.0.3 and 28.0.1, allowing attackers to access or alter data via the MRI feedback popup window in the imaging browser.