A vulnerability, which was classified as critical, has been found in xibosignage xibo-cms up to 3.3.11/4.0.13. This issue affects some unknown processing of the component API Route. The manipulation leads to sql injection.
The identification of this vulnerability is CVE-2024-41802. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.