terminal42/contao-tablelookupwizard possible SQL injection in widget field value
The currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility.
The currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility.
Impact The currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility. Patches The issue has been patched in tablelookupwizard For more information If you have any questions or comments about this advisory: Open an issue in https://github.com/terminal42/contao-tablelookupwizard Email us at info@terminal42.ch