Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-15153 - Vulnerability Database

Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-15153

Critical
Reference: CVE-2020-15153
Title: Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.