Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Plone CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-7939 - Vulnerability Database
Plone CMS

Plone CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-7939

High
Reference: CVE-2020-7939
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-7939
Title: Plone CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)