2 matches found
GHSA-72HH-XF79-429P Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()
Summary User input passed directly into an SQL statement allows non-admin backend users to execute arbitrary SQL statements. Details The /admin/object/grid-proxy endpoint calls getFilterCondition on fields of classes to be filtered for at...
Securing REST with free API Firewall How-to guide
In our modern world, web applications are becoming ever more important. Bad actors know this and they target them more frequently than ever before. This is not likely to stop any time soon as the number of web applications the world needs will only go up with its reliance on technology. To fully...