SQL Injection Vulnerability in Magento 2.2 and 2.3

CVE-2019-8130 · HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates.
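The affected ranges above can be turned into an inventory check. The following is an added example, not code from Magento or from this advisory; it assumes that 2.2.10, 2.3.3 and 2.3.2-p1 are the first fixed releases and that version strings look like `X.Y.Z` or `X.Y.Z-pN`. The host names are constructed.

```python
import re

# First fixed release per release line, as (major, minor, patch, p-level).
# Assumption from the advisory text: 2.2.10 fixes the 2.2 line; 2.3.2-p1
# (and therefore 2.3.3) fixes the 2.3 line.
FIXED = {(2, 2): (2, 2, 10, 0), (2, 3): (2, 3, 2, 1)}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-p(\d+))?$")


def parse_version(text):
    """Parse 'X.Y.Z' or 'X.Y.Z-pN' into a comparable 4-tuple."""
    match = _VERSION.match(text.strip())
    if not match:
        # Refuse to guess: an unparseable version must be reviewed by hand.
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, plevel = match.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def is_affected(version):
    """True if the version falls in a range this advisory lists as affected."""
    parsed = parse_version(version)
    fixed = FIXED.get(parsed[:2])
    # Release lines other than 2.2 and 2.3 are not covered by this advisory.
    return fixed is not None and parsed < fixed


def triage(inventory):
    """Split {host: version} into (affected hosts, hosts needing manual review)."""
    affected, unknown = [], []
    for host, version in sorted(inventory.items()):
        try:
            if is_affected(version):
                affected.append(host)
        except ValueError:
            unknown.append(host)
    return affected, unknown


if __name__ == "__main__":
    # Constructed sample inventory, for illustration only.
    sample = {
        "shop-a.example": "2.2.9",
        "shop-b.example": "2.3.2",
        "shop-c.example": "2.3.2-p1",
        "shop-d.example": "2.3.3",
        "shop-e.example": "dev-master",
    }
    print(triage(sample))
```

Hosts whose version string cannot be parsed are reported separately rather than treated as patched.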