SQL Injection Vulnerability in Pimcore AdminBundle (<=6.8.0)

SQL Injection Vulnerability in Pimcore AdminBundle (<=6.8.0)

CVE-2021-31869 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.