Key Findings Zoho Corporation has released an urgent security advisory addressing a critical severity SQL injection vulnerability affecting Analytics Plus on-premise installations. The vulnerability, tracked as CVE-2025-8324, has a CVSS score of 9.8 and allows unauthenticated remote attackers to execute arbitrary SQL queries. Exploitation of this flaw can lead to unauthorized data exposure and, in severe cases, account takeover. Background Zoho Analytics Plus is a widely used
