CVE-2020-8242

Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.
References
Link Resource
https://hackerone.com/reports/968240 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:expressionengine:expressionengine:*:*:*:*:*:*:*:*

Information

Published : 2022-02-18 06:15

Updated : 2022-02-28 06:52


NVD link : CVE-2020-8242

Mitre link : CVE-2020-8242

Products Affected
No products.
CWE