Skip to content

SQL query displayed on portal error

Moderate
piRGoif published GHSA-q5cf-46rg-frf8 Jan 12, 2021

Package

No package listed

Affected versions

< 2.7.2, < 3.0.0

Patched versions

2.7.2, 3.0.0

Description

Impact

When a download error is triggered in the user portal, an SQL query is displayed to the user.

Patches

Fixed in 2.7.2 and 3.0.0

Credits

Many thanks to Cyblex Technologies (Clément Speybrouck, Antoine Vacher) for this report !

References

Combodo ref N°3318

For more information

If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com

Severity

Moderate

CVE ID

CVE-2020-15219

Weaknesses

No CWEs

Credits