Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection.
This issue affects Mediawiki - Cargo Extension: from * before 1.43.9,1.44.6,1.45.4.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:mediawiki:cargo:*:*:*:*:*:mediawiki:*:*"
],
"vendor_product": "mediawiki:cargo",
"extracted_events": [
{
"fixed": "3.9.1"
}
],
"source": "CPE_RANGE"
}
]
}