The dce (aka Dynamic Content Element) extension 2.2.0 up to and including 2.6.x prior to 2.6.2, and 2.7.x prior to 2.7.1, for TYPO3 allows SQL Injection via a backend user account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dynamic content elements project dynamic content elements |