Description Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. Remediation References CVE-2024-37843 Related Vulnerabilities Serendipity Other Vulnerability (CVE-2009-4412) WebLogic CVE-2020-14825 Vulnerability (CVE-2020-14825) Oracle Database Server CVE-2009-3410 Vulnerability (CVE-2009-3410) WordPress Plugin WP-FaceThumb 'pagination_wp_facethumb' Parameter Cross-Site Scripting (0.1) WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10) Severity Critical Classification CVE-2024-37843 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities