logo
DATABASE RESOURCES PRICING ABOUT US

SQL Injection in extension "Dynamic Content Element" (dce)

Description

The extension fails to properly sanitize user input and is susceptible to SQL Injection. A TYPO3 backend user account is required to exploit the vulnerability.


Affected Software


CPE Name Name Version
dce 2.2.0
dce 2.6.1
dce 2.7.0

Related