CVE-2025-51510
MoonShine contains a SQL injection in the Blog module via the data parameter of the moonshine-tree-resource component (versions Categories page. Root cause: unsafely embedded data parameter allows injection; PoCs and public reports describe extracting data from moonshine_users and demonstrating ...