RULE(RULE ID:338555)

Rule General Information
Release Date: 2024-11-19
Rule Name: Esafenet CDG DelHookService SQL Injection Vulnerability (CVE-2024-10660)
Severity:
CVE ID:
Rule Protection Details
Description: Esafenet CDG electronic document security management system is the earliest document encryption and decryption product in China based on file filtering and driving technology. The protection scope covers terminal computers (Windows, Mac, Linux system platforms), smart terminals (Android, iOS) and various application systems (OA, knowledge management, document management, project management, PDM, etc.). There is a SQL injection vulnerability in this system. The vulnerability stems from the parameter HookId in the file /com/esafenet/servlet/policy/HookService.java, which can cause SQL injection.
Impact: By successfully exploiting the vulnerability, an attacker can inject arbitrary SQL commands to view or change the database of the target.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to obtain and apply the software patch.