A vulnerability was found in SonarSource SonarQube 10.4.x/10.5.x. It has been declared as critical. This vulnerability affects unknown code of the file authorizations/group-memberships of the component API Endpoint. The manipulation leads to sql injection.
This vulnerability was named CVE-2024-47911. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.