A security analyst is reviewing the output of a vulnerability scan before importing it into the risk management register. The analyst notices an entry for CVE-2023-9999, which mentions that the software has unpatched SQL injection weaknesses. How should the analyst classify this vulnerability?
Cross-site Scripting (XSS)
|Threats, Vulnerabilities, and Mitigations
|Security Program Management and Oversight
|General Security Concepts