GHSA-rr8h-f97q-8p9c, CVE-2022-38148
packagist/silverstripe/framework
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Silverstripe silverstripe/framework through 4.11 allows SQL Injection.
All versions starting from 4.0.0 before 4.10.11, all versions starting from 4.11.0 before 4.11.14
Upgrade to versions 4.10.11, 4.11.14 or above.
2022-11-22
source |