Stash · Stash · CVE-2024-32231
**Name of the Vulnerable Software and Affected Versions**
Stash versions up to 0.25.1
**Description**
The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `sort` parameter.
**Recommendations**
For versions up to 0.25.1, as a temporary workaround, consider restricting access to the `sort` parameter to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.