Description
An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.
Remediation
References
https://github.com/94fzb/zrlog/issues/37
Related Vulnerabilities
CVE-2018-19907 Vulnerability in maven package org.craftercms:crafter-engine
CVE-2020-8124 Vulnerability in npm package url-parse
CVE-2020-7679 Vulnerability in maven package org.webjars.bower:casperjs
CVE-2021-29484 Vulnerability in npm package ghost
CVE-2022-40151 Vulnerability in maven package com.thoughtworks.xstream:xstream