Csz Cms · Csz Cms · CVE-2021-46377
**Name of the Vulnerable Software and Affected Versions**
cszcms version 1.2.9
**Description**
The issue is related to a front-end sql injection vulnerability. It affects the `cszcms/controllers/Member.php` file, specifically the `viewUser` section.
**Recommendations**
For cszcms version 1.2.9, consider restricting access to the `viewUser` section in `cszcms/controllers/Member.php` until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.