Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
Remediation
References
Related Vulnerabilities
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.42)
MediaWiki Other Vulnerability (CVE-2013-2114)
WordPress Plugin AMP extensions Cross-Site Scripting (1.1)
WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.5.2)
WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)