Description
dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp.
Remediation
References
Related Vulnerabilities
MySQL CVE-2014-6463 Vulnerability (CVE-2014-6463)
WordPress Plugin WP Telegram (Auto Post and Notifications) Unspecified Vulnerability (2.1.8)
Java Unspesificed Vulnerability (CVE-2018-2941)
WordPress Plugin FancyFlickr Cross-Site Scripting (1.0)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (4.0.2)