CVE-2023-39640

Name of the Vulnerable Software and Affected Versions UpLight cookiebanner versions prior to 1.5.1

Description The issue is related to a SQL injection vulnerability via the component Hook::getHookModuleExecList(). This vulnerability was discovered in UpLight cookiebanner.

Recommendations For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Hook::getHookModuleExecList() component until a patch is available.