CVE-2016-8903
high
CVSS v3
8.8
CVSS v2
6.5
VIR risk
8.8
Description
SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter.
Predictions
Exploit likelihood
92%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://github.com/dotCMS/core/pull/8468/
Vendor advisory: cve@mitre.org — https://github.com/dotCMS/core/pull/8460/
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| dotcms | dotcms | {"endIncluding":"3.3"} | |
References
- http://seclists.org/fulldisclosure/2016/Nov/0
- http://www.securityfocus.com/bid/94311
- https://github.com/dotCMS/core/pull/8460/
- https://github.com/dotCMS/core/pull/8468/
- https://security.elarlang.eu/multiple-sql-injection-vulnerabilities-in-dotcms-8x-cve-full-disclosure.html
- http://seclists.org/fulldisclosure/2016/Nov/0
- http://www.securityfocus.com/bid/94311
- https://github.com/dotCMS/core/pull/8460/
- https://github.com/dotCMS/core/pull/8468/
- https://security.elarlang.eu/multiple-sql-injection-vulnerabilities-in-dotcms-8x-cve-full-disclosure.html
CWEs
CWE-89
Verify integrity in audit chain (admin only). AS-IS.