CVE-2022-35628

SQL Injection in typo3 extension "LUX - TYPO3 Marketing Automation" in packagist/in2code/lux

Identifiers

GHSA-rpxg-hg79-h8q9, CVE-2022-35628

Package Slug

packagist/in2code/lux

Vulnerability

SQL Injection in typo3 extension "LUX - TYPO3 Marketing Automation"

Description

A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3.

Affected Versions

All versions before 17.6.1, all versions starting from 18.0.0 before 24.0.2

Solution

Upgrade to versions 17.6.1, 24.0.2 or above.

Last Modified

2022-07-26

source