CVE-2026-52673

Description

SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component

References

• http://cboard.com
• https://gist.github.com/onehang01/93d233a8aef2fc73294c25db8ca3b424
• https://www.chuguotech.com/#/