PT-2021-24438 — SQL injection in Ez Systems Ez Publish Legacy

PT-2021-24438 · Ez Systems · Ez Publish Legacy

Published

2021-09-07

Updated

2021-09-07

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: eZ Publish Legacy (affected versions not specified)

Description: The issue concerns a potential SQL injection vulnerability in the content object state code of eZ Publish Legacy. Although there are no known exploits, it is theoretically possible for one to exist. The estimated number of potentially affected devices worldwide is not available.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

GHSA-JPWX-FFJQ-WR4W

Affected Products

Ez Publish Legacy

PT-2021-24438 · Ez Systems · Ez Publish Legacy

Weakness Enumeration

Related Identifiers

Affected Products

References · 5