CVE-2020-7939

Опубликовано: 23 янв. 2020

Источник: redhat

CVSS3: 8.8

Описание

SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	conga	Out of support scope

Показывать по

Статус:

Moderate

Дефект:

CWE-89

https://bugzilla.redhat.com/show_bug.cgi?id=1798204plone: SQL injection due to insufficient SQL quoting in DTML or in connection objects

8.8 High

CVSS3

CVE-2020-7939

CVSS3: 8.8

nvd

около 6 лет назад

SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)

GHSA-hhmf-7rgg-gcw5

CVSS3: 8.8

github

больше 3 лет назад

Plone SQL Injection Vulnerability

8.8 High

CVSS3