CVE-2025-22693

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 25.1.0

Description The issue is related to improper neutralization of special elements used in an SQL command, which allows SQL injection. This means that an attacker could potentially inject malicious SQL code into the application's database, leading to unauthorized access or modification of data.

Recommendations For versions prior to 25.1.0, update to version 25.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation. Avoid using user-supplied input in SQL queries until the issue is resolved.