Description Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. Remediation References CVE-2024-37843 Related Vulnerabilities WordPress Plugin Ultimate Addons for Visual Composer Multiple Vulnerabilities (3.16.10) WordPress Plugin JetWidgets for Elementor and WooCommerce Local File Inclusion (1.1.7) Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32052) Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430) WordPress Plugin MW WP Form Cross-Site Scripting (2.10.0) Severity Critical Classification CVE-2024-37843 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities