VYPR
Unrated severityNVD Advisory· Published Feb 18, 2022· Updated Aug 4, 2024

CVE-2020-8242

CVE-2020-8242

Description

Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.