RSS   Podatności dla 'Mailtrain'   RSS

2021-02-19
 
CVE-2020-24617

CWE-89
 

 
Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped.

 


Copyright 2024, cxsecurity.com

 

Back to Top