Automattic: Sql injection on docs.atavist.com

hello dear team I have found SQL injection on docs.atavist.com url:http://docs.atavist.com/readerapi/stories.php?limit=10&offset=20&organizationid=88822&search=0&sort= parameters: injectable search=0 Parameter: search GET Type: AND/OR time-based blind Title: MySQL = 5.0.12 AND time-based blind...