SQL Injection Vulnerability in dotCMS before 5.1.6 via view_unpushed_bundles.jsp
CVE-2019-12872 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.