Blind SQL Injection Vulnerability in MODX Revolution 2.x - 2.5.6

CVE-2017-1000067 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.