Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries
Posted: Tue Nov 18, 2025 4:34 am
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise installations, exposing organizations to severe security risks.
The vulnerability, tracked as CVE-2025-8324, enables attackers to execute arbitrary SQL queries without authentication, potentially leading to complete database compromise and unauthorized access to sensitive business intelligence.
https://cyberpress.org/zoho-analytics-plus-flaw/
The vulnerability, tracked as CVE-2025-8324, enables attackers to execute arbitrary SQL queries without authentication, potentially leading to complete database compromise and unauthorized access to sensitive business intelligence.
https://cyberpress.org/zoho-analytics-plus-flaw/