Products
Craft CMS
- up to v3.7.31
Source
cve@mitre.org
Tags
CVE-2024-37843 details
Published : June 25, 2024, 9:15 p.m.
Last Modified : June 25, 2024, 9:15 p.m.
Last Modified : June 25, 2024, 9:15 p.m.
Description
Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://blog.smithsecurity.biz/craft-cms-unauthenticated-sqli-via-graphql | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.