CVE-2017-7628

Name of the Vulnerable Software and Affected Versions Joomla "Smart related articles" extension version 1.1

Description The issue concerns SQL injection in the dialog.php file of the "Smart related articles" extension for Joomla. An attacker must use the search cats variable in the POST method to exploit this vulnerability. The API endpoint involved is not explicitly mentioned, but the exploitation method involves sending a POST request with malicious input for the search cats variable.

Recommendations For Joomla "Smart related articles" extension version 1.1, consider disabling the dialog.php file or restricting access to it until a patch is available. As a temporary workaround, avoid using the search cats variable in POST requests to the affected endpoint.