CVE-2025-70420 PUBLISHED

Assigner: mitre
Reserved: 09.01.2026 Published: 21.04.2026 Updated: 21.04.2026

A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements.

Product Status

Vendor	n/a
Product	n/a
Versions	Version n/a is affected

References

http://genesys.com
https://okunsec.com/research/cve-2025-70420

Problem Types

n/a text