CVE-2016-4040

Published April 19th, 2016

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter.

dotCMS/core

The Visual Headless Content Management System for Enterprises

GitHub

947