CVE-2022-26585
SQL injection in net.mingsoft:ms-mcms
EPSS 48.2%
Description
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability via /cms/content/list.
How to fix CVE-2022-26585
No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.
- Maven/net.mingsoft:ms-mcms—no fix listed
Is CVE-2022-26585 being exploited?
Moderate — EPSS is 48.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, <= 5.2.7