Sql injection

2021-03-0523:15:00

PRIOn knowledge base

www.prio-n.com

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.6%

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.

CPENameOperatorVersion
kentico_cmseq5.5 r2build5.5.3996

CPE	Name	Operator	Version
	kentico_cms	eq	5.5 r2build5.5.3996

References

gist.github.com/stasinopoulos/673ae3c31d703b4d67449f4d8888c686

kontent.ai

www.obrela.com/kentico-cms-critical-vulnerability/