Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
Remediation
References
Related Vulnerabilities
Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Unspecified Vulnerability (5.3.2)
PostgreSQL Insufficiently Protected Credentials Vulnerability (CVE-2021-23222)
Oracle Database Server CVE-2009-1972 Vulnerability (CVE-2009-1972)
Django Resource Management Errors Vulnerability (CVE-2015-2316)