Description
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gutenberg Template Library & Redux Framework Multiple Vulnerabilities (4.2.11)
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)
WordPress Plugin Invoicing with InvoiceXpress for WooCommerce-Free Cross-Site Scripting (3.0.2)
WordPress Plugin WP-Matomo (WP-Piwik) Unspecified Vulnerability (1.0.18)