Harmony

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-56385 CRITICAL This Week

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Authentication Bypass Harmony

NVD

CVSS 3.1

9.8

EPSS

0.2%

CVE-2025-56385

EPSS 0% CVSS 9.8

CRITICAL This Week

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Authentication Bypass Harmony

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy