Lucene search

K

[email protected]NVD:CVE-2024-37843

HistoryJun 25, 2024 - 9:15 p.m.

CVE-2024-37843

2024-06-2521:15:59

[email protected]

web.nvd.nist.gov

4

craft cms v3.7.31

sql injection

graphql api

vulnerability

0.0004 Low

EPSS

Percentile

9.1%

Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint.

References

blog.smithsecurity.biz/craft-cms-unauthenticated-sqli-via-graphql

0.0004 Low

EPSS

Percentile

9.1%

Related for NVD:CVE-2024-37843