[20170501] - Core - SQL Injection - Applicacious

[20170501] – Core – SQL Injection

  • Project: Joomla!
  • SubProject: CMS
  • Severity: High
  • Versions: 3.7.0
  • Exploit type: SQL Injection
  • Reported Date: 2017-May-11
  • Fixed Date: 2017-May-17
  • CVE Number: CVE-2017-8917

Description

Inadequate filtering of request data leads to a SQL Injection vulnerability.

Affected Installs

Joomla! CMS versions 3.7.0

Solution

Upgrade to version 3.7.1

Contact

The JSST at the Joomla! Security Centre.

Reported By: Marc-Alexandre Montpas / sucuri.net
  • in Blog
  • by
  • May 17, 2017
  • Comments Off on [20170501] – Core – SQL Injection

Comments are closed.

%d bloggers like this: