On Tue, Nov 1, 2016 at 5:05 PM, Brandon Perry wrote:
>
>> On Oct 31, 2016, at 2:41 PM, Elar Lang wrote:
>>
>> Title: Multiple SQL injection vulnerabilities in dotCMS (8x CVE)
>> Credit: Elar Lang / https://security.elarlang.eu
>> Vendor/Product: dotCMS (http://dotcms.com/)
>> Vulnerability: SQL i
> On Oct 31, 2016, at 2:41 PM, Elar Lang wrote:
>
> Title: Multiple SQL injection vulnerabilities in dotCMS (8x CVE)
> Credit: Elar Lang / https://security.elarlang.eu
> Vendor/Product: dotCMS (http://dotcms.com/)
> Vulnerability: SQL injection
> Vulnerable version: before 3.5; 3.3.1 and 3.3.2 (
Title: Multiple SQL injection vulnerabilities in dotCMS (8x CVE)
Credit: Elar Lang / https://security.elarlang.eu
Vendor/Product: dotCMS (http://dotcms.com/)
Vulnerability: SQL injection
Vulnerable version: before 3.5; 3.3.1 and 3.3.2 (depends on CVE)
CVE: CVE-2016-8902, CVE-2016-8903, CVE-2016-890