CVE-2026-50644

SOPlanning · SOPlanning

SOPlanning contains a SQL injection vulnerability in the audit retention configuration, allowing an authenticated high-privileged user to execute arbitrary SQL commands.

Executive summary

A critical SQL injection vulnerability in the SOPlanning audit retention module allows an authenticated administrator to gain unauthorized control over the database.

Vulnerability

The application fails to properly sanitize input within the audit retention configuration interface. An authenticated user with high privileges can inject malicious SQL queries, leading to unauthorized data access or modification within the backend database.

Business impact

With a CVSS score of 8.6, this vulnerability represents a severe threat to data integrity and confidentiality. Unauthorized modification or extraction of data from the database could lead to significant operational disruption and a breach of sensitive organizational records.

Remediation

Immediate Action: Update the SOPlanning installation to version 1.56.01 or higher to patch the SQL injection vulnerability.

Proactive Monitoring: Enable database query logging and monitor for unusual or high-frequency SQL commands originating from the web application service account.

Compensating Controls: Enforce strict database access controls and utilize parameterized queries or a WAF to inspect and block suspicious input strings containing SQL syntax.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability enables direct database manipulation, which is a high-risk scenario. Organizations must prioritize applying the update to 1.56.01 to prevent potential data loss or unauthorized access resulting from SQL injection.