Critical severityNVD Advisory· Published Oct 17, 2025· Updated Oct 20, 2025
CVE-2025-56316
CVE-2025-56316
Description
A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.mingsoft:ms-mcmsMaven | >= 5.5.0, < 6.0.2 | 6.0.2 |
Affected products
2- MCMS/MCMSdescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.