SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the idPage parameter. An attacker can retrieve, create, update, or delete database records by injecting crafted input in the /melis/MelisCms/PageEdition/getTinyTemplates endpoint. Remediation Upgrade...