GHSA-7fpj-wc8v-9cgc: terminal42/contao-tablelookupwizard possible SQL injection in widget field value
The currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility.
References
- github.com/FriendsOfPHP/security-advisories/blob/master/terminal42/contao-tablelookupwizard/2022-02-04-1.yaml
- github.com/advisories/GHSA-7fpj-wc8v-9cgc
- github.com/terminal42/contao-tablelookupwizard
- github.com/terminal42/contao-tablelookupwizard/commit/a5e723a28f110b7df8ffc4175cef9b061d3cc717
- github.com/terminal42/contao-tablelookupwizard/security/advisories/GHSA-v3mr-gp7j-pw5w
Code Behaviors & Features
Detect and mitigate GHSA-7fpj-wc8v-9cgc with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →