CVE-2022-27162

Name of the Vulnerable Software and Affected Versions CSZ CMS version 1.2.2

Description The issue is related to SQL Injection, which can be exploited via the cszcms admin Members editUser function. This allows for potential unauthorized access to sensitive data.

Recommendations For CSZ CMS version 1.2.2, as a temporary workaround, consider restricting access to the cszcms admin Members editUser function until a patch is available. Avoid using this function in production environments to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.