COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2020-17463

CVE-2020-17463

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-12-10
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-17463
⌖ exploited in the wild shame 50/100 exploited-in-wild

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.

Players implicated

Fuel CMS · vendorFuel CMS · product

Description

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.