SQL Injection Vulnerability in Project-Nexus Blog Website Framework

SQL Injection Vulnerability in Project-Nexus Blog Website Framework

CVE-2022-36030 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.