CVE-2018-6843: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

March 19, 2018 (updated April 12, 2018)

Kentico has SQL injection in the administration interface.

References

gist.github.com/zamous/c0afd7e21f3111de873c7bef6dcd9dd7
nvd.nist.gov/vuln/detail/CVE-2018-6843

Code Behaviors & Features

Detect and mitigate CVE-2018-6843 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →