Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-6376 - Vulnerability Database

Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-6376

Critical
Reference: CVE-2018-6376
Title: Joomla Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

In Joomla before 3.8.4 the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.