LOW
Tiobon
CVE published 2026-06-07
CVE-2026-11453
A SQL injection vulnerability was found in Tiobon Employee Self-Service System up to version 7.2. The vulnerability affects the /Blog/BlogSearch.aspx file in an unknown functionality of the Login Endpoint. The manipulation of the argument Keyword results in SQL injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disc [truncated]