CVE-2022-38148
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in packagist/silverstripe/framework
Identifiers
GHSA-rr8h-f97q-8p9c, CVE-2022-38148
Package Slug
packagist/silverstripe/framework
Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
Silverstripe silverstripe/framework through 4.11 allows SQL Injection.
Affected Versions
All versions starting from 4.0.0 before 4.10.11, all versions starting from 4.11.0 before 4.11.14
Solution
Upgrade to versions 4.10.11, 4.11.14 or above.
Last Modified
2022-11-22
| source |