Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available.
{
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-89"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/36xxx/CVE-2022-36030.json"
}{
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "1.0.1"
},
{
"introduced": "1.0.1"
}
],
"cpe": "cpe:2.3:a:project-nexus_project:project-nexus:1.0.1:*:*:*:*:*:*:*",
"source": [
"AFFECTED_FIELD",
"CPE_STRING"
]
}