CVE-2022-44140

Name of the Vulnerable Software and Affected Versions Jizhicms version 2.3.3

Description A SQL injection issue was found in the /Member/memberedit.html component. This allows for potential exploitation via SQL injection attacks.

Recommendations For Jizhicms version 2.3.3, consider restricting access to the /Member/memberedit.html component until a patch is available. As a temporary workaround, avoid using user-inputted data in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.