CVE-2008-6049

2009-02-04T15:30:00
ID CVE-2008-6049
Type cve
Reporter cve@mitre.org
Modified 2009-03-21T05:52:00

Description

REJECT SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers to execute arbitrary SQL commands via the menuID parameter. NOTE: CVE and multiple reliable third parties dispute this issue, since TinyMCE does not contain index.php or any PHP code. This may be an issue in a product that has integrated TinyMCE.