Overview :
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm’online CRM-System SDK 7.13 permits attackers to execute arbitrary SQL commands using the value parameter.
Affected Product(s) :
NVD (National Vulnerability Database) CWE Slice
Vulnerability Details :
CVE ID : CVE-2019-15301

Solution : The vulnerabilities are fixed in latest versions