Errors11

**Name of the Vulnerable Software and Affected Versions** ChestnutCMS version 1.5.10 **Description** A SQL injection issue exists where the `content` parameter of the 'cms content' tag can be manipulated within the admin backend. This allows the parameter to be injected into a SQL query during template rendering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.