CVE-2017-1000067

Published July 17th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.

modxcms/revolution

MODX Revolution - Content Management Framework

GitHub

1.4K