Home
MEDIUM: 6.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:HDefault status
unaffected
2025.1.0 (semver) before 2025.1.3
affected
Any version before 2025.0.7
affected
Description
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Problem types
CWE-943 Improper Neutralization of Special Elements in Data Query Logic
Product status
2025.1.0 (semver) before 2025.1.3
Any version before 2025.0.7
Credits
Niv Levy
References
docs.progress.com/...tes-2026/page/Fixed-Issues-in-2026.html