A blind SQL injection flaw was found in tower API. This issue may allow an attacker to craft a malicious SQL query into the SOCIAL_AUTH_GITHUB_KEY parameter in the /api/v2/settings/all/ endpoint and completely compromise the backend tower SQL database.Read More