The host is installed with MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.x before 2021.0.9 (13.0.9), 2022.1.x before 2021.1.7 (13.1.7), 2022.0.x before 2022.0.7 (14.0.7), 2022.1.x 2022.1.8 (14.1.8), 2023.0.x before 2023.0.4 (15.0.4) and is prone to a SQL injection vulnerability. A flaw is present in the application, which fails to properly handle issues in database. Successful exploitation could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.