Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published.
https://www.usom.gov.tr/bildirim/tr-26-0085
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0085