← back
CVE-2020-7939

CVE-2020-7939

EPSS 1.2%
SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://plone.org/security/hotfix/20200121https://plone.org/security/hotfix/20200121/sql-injection-in-dtml-or-in-connection-objectshttps://www.openwall.com/lists/oss-security/2020/01/22/1http://www.openwall.com/lists/oss-security/2020/01/24/1