Dotcms Dotcms : Security vulnerabilities, CVEs Information leak published in 2016

CVE-2016-3688

SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr.

Max CVSS

6.5

EPSS Score

0.17%

Published

2016-04-19

Updated

2016-04-28

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Dotcms » Dotcms : Security Vulnerabilities, CVEs, Published In 2016 (Information Leak)

CVE-2016-3688