mediawiki/core is vulnerable to sql injection. The vulnerability exists due to insecure quote handling in the getAllOrValues
function in SDAppliedFilter.php
allows an attacker to inject arbitrary queries.
CPE | Name | Operator | Version |
---|---|---|---|
mediawiki/core | le | 1.37.1 | |
mediawiki/core | le | 1.37.1 |