CIVI-SA-2015-005 - SQL Injection in CiviMail Backend

Publicat

2015-03-04 12:15

Written by

totten

The backend CiviMail composition screen includes an input field which is passed to a SQL query without proper escaping.

An exploit of this vulnerability in CiviCRM has not been identified. Additional filters apply to the field which block a number of SQL control characters. Never-the-less, it could potentially be combined with other vulnerabilities, and we're issuing a patch as a precaution.

Security Risk

Not Critical

Vulnerability

SQL Injection

Affected Versions

CiviCRM v4.5.0 - v4.5.6

CiviCRM v4.4.0 - v4.4.12

(Older versions: Unassessed)

Fixed Versions

CiviCRM v4.5.7+, v4.4.13+

Solutions

Upgrade to CiviCRM v4.5.7+, v4.4.13+,
Apply https://github.com/civicrm/civicrm-core/pull/5281

Credits

Stan Dragnev (RNAO)
Tim Otten (CiviCRM)

We are in the process of translating the civicrm.org website. Translations may not be available in all languages. Read more and participate.

© 2005 - 2023, CIVICRM LLC. All rights reserved.
CiviCRM and the CiviCRM logo are trademarks of CIVICRM LLC. Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-Share Alike 3.0 United States Licence.

[D8]

CIVI-SA-2015-005 - SQL Injection in CiviMail Backend

WORK WITH A TRUSTED EXPERT
TO SETUP YOUR CIVICRM

Languages

CIVI-SA-2015-005 - SQL Injection in CiviMail Backend

WORK WITH A TRUSTED EXPERT TO SETUP YOUR CIVICRM

WORK WITH A TRUSTED EXPERT
TO SETUP YOUR CIVICRM