CVE-2017-20269

Name of the Vulnerable Software and Affected Versions Joomla! Component KissGallery version 1.0.0

Description An SQL injection allows unauthenticated attackers to inject SQL commands through the component URL path. By supplying malicious SQL code in the 'kissgallery' endpoint, attackers can execute arbitrary database queries and extract sensitive information. SQL injection is a type of flaw that allows an attacker to interfere with the queries that an application makes to its database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.