CVE-2022-1429

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in packagist/pimcore/pimcore

Identifiers

CVE-2022-1429

Package Slug

packagist/pimcore/pimcore

Vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Description

SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6.

Affected Versions

All versions before 10.3.6

Solution

Upgrade to version 10.3.6 or above.

Last Modified

2022-05-01

source