SQL injection vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid route and extract all the information stored in the application.
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-helpdezk-community