CVE-2021-29343

Name of the Vulnerable Software and Affected Versions: Ovidentia CMS versions 6.x

Description: The issue concerns a SQL injection vulnerability. Specifically, it affects the id parameter of the "index.php" endpoint. An attacker can extract and display the checkbox property from text data in either the text region or the source code.

Recommendations: For Ovidentia CMS version 6.x, avoid using the id parameter in the index.php endpoint until a fix is available. As a temporary workaround, consider restricting access to the index.php endpoint to minimize the risk of exploitation.