CVE-2023-43979

Name of the Vulnerable Software and Affected Versions ETS Soft ybc blog versions prior to 4.4.0

Description The issue is related to a SQL injection vulnerability. It affects the component Ybc blogBlogModuleFrontController, specifically the function getPosts().

Recommendations For versions prior to 4.4.0, update to version 4.4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Ybc blogBlogModuleFrontController component until a patch is applied. Avoid using the getPosts() function in vulnerable versions to minimize the risk of exploitation.