CVE-2014-4736

2014-07-24T14:55:00
ID CVE-2014-4736
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:49:00

Description

SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.