CVE-2021-27581: SQL Injection

March 5, 2021 (updated March 15, 2021)

The Blog module in Kentico CMS R2 build allows SQL injection via the tagname parameter.

References

kontent.ai/
nvd.nist.gov/vuln/detail/CVE-2021-27581

Code Behaviors & Features

Detect and mitigate CVE-2021-27581 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →