SQL Injection Vulnerability in dotCMS REST API Endpoint

SQL Injection Vulnerability in dotCMS REST API Endpoint

CVE-2020-27848 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /api/v1/containers orderby parameter. The PaginatorOrdered classes that are used to paginate results of a REST endpoints do not sanitize the orderBy parameter and in some cases it is vulnerable to SQL injection attacks. A user must be an authenticated manager in the dotCMS system to exploit this vulnerability.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.