DedeCMS 5.x SQL Injection Vulnerability CVE-2023-27709
- CVSSv3 Score
- Vulnerability description
DedeCMS is prone to an SQL injection vulnerability.
- Risk description
An SQL injection vulnerability allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dede/story_catalog.php endpoint.
No known solution is available as of 17th March, 2023. Information regarding this issue will be updated once solution details are available.
- Not available