An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations.
{ "github_reviewed": true, "cwe_ids": [ "CWE-89" ], "severity": "HIGH", "nvd_published_at": "2025-08-27T18:15:46Z", "github_reviewed_at": "2025-08-27T19:29:13Z" }