CVE-2021-44868: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

February 18, 2022 (updated March 1, 2022)

A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do

References

github.com/advisories/GHSA-2pmw-cvc7-frvh
github.com/ming-soft/MCMS/issues/58
nvd.nist.gov/vuln/detail/CVE-2021-44868

Detect and mitigate CVE-2021-44868 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →