A vulnerability, which was classified as critical, was found in Sparx Enterprise Architect 16.0.1605 on 32-bit. Affected is an unknown function of the component Select Classifier Dialog Box. The manipulation of the argument Find leads to sql injection.
This vulnerability is traded as CVE-2022-47072. The attack can only be initiated within the local network. There is no exploit available.