Description
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP CSV Unspecified Vulnerability (1.7.8.0)
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
Zope Web Application Server Other Vulnerability (CVE-2000-0062)
WordPress Plugin WordPress fancyBox Lightbox Cross-Site Scripting (1.0.1)
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7873)