CVE-2025-67811

Published: Jan 9, 2026

Modified: Jan 9, 2026

PUBLISHED

Description

Area9 Rhapsode 1.47.3 allows SQL Injection via multiple API endpoints accessible to authenticated users. Insufficient input validation allows remote attackers to inject arbitrary SQL commands, resulting in unauthorized database access and potential compromise of sensitive data. Fixed in v.1.47.4 and beyond.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://area9.com

https://security.area9lyceum.com/cve-2025-67811/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-67811

Description

Affected Products

References