CVE-2017-20163
Red Snapper NView is affected; the mutate function in src/Session.php is vulnerable to SQL injection via the session parameter. The patch cbd255f55d476b29e5680f66f48c73ddb3d416a8 is recommended as a fix. A temporary workaround from PT-2023-10615 suggests disabling mutate or restricting access to ...