CVE-2023-26020

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*
cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-02-17 18:15

Updated : 2024-11-21 07:50


NVD link : CVE-2023-26020

Mitre link : CVE-2023-26020

CVE.ORG link : CVE-2023-26020


JSON object : View

Products Affected

microsoft

  • windows

linux

  • linux_kernel

apple

  • macos

craftercms

  • crafter_cms
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')