Hi everyone
I just read a worrying article on 2 big security flaws in SC 9.12.006 - does anyone know any more about this or know if fixes or mitigation have been issued? Link to the article below.
But basically one is based on a flaw in the password reset functionality. The other is an injection issue.
Hi
ScriptCase v9.12.024 (2025-08-05 18:20) - Scriptcase 9 / Changelog - Scriptcase Low-code
https://forum.scriptcase.net/t/scriptcase-v9-12-025-2025-08-13-16-37/37664/2
Thanks aamartinezz.
I did check the Changelog but these reports have different CVE numbers, are they definitely the same issues? These are CVE-2025-47227 and CVE-2025-47228.
SC uses a number instead of the CVE, which causes confusion.
Please, SC, use references to published CVEs in security notices for better tracking and traceability. Thank you!