Successful exploitation of the
string injection vulnerability could allow an attacker to obtain memory address
information or crash the application.
Users and administrators of the
affected product version are advised to update to the latest version 8.9.4
immediately.