CVE-2017-1000067: SQL Injection

July 17, 2017 (updated July 21, 2017)

Modx is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.

References

nvd.nist.gov/vuln/detail/CVE-2017-1000067

Code Behaviors & Features

Detect and mitigate CVE-2017-1000067 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →