GHSA-rpxg-hg79-h8q9

Source

https://github.com/advisories/GHSA-rpxg-hg79-h8q9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-rpxg-hg79-h8q9/GHSA-rpxg-hg79-h8q9.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-rpxg-hg79-h8q9

Aliases

CVE-2022-35628

Published

2022-07-15T15:28:26Z

Modified

2023-11-08T04:09:51.512093Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

SQL Injection in typo3 extension "LUX - TYPO3 Marketing Automation"

Details

A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3.

Database specific

{
    "nvd_published_at": "2022-07-12T23:15:00Z",
    "github_reviewed_at": "2022-07-15T15:28:26Z",
    "severity": "CRITICAL",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-89"
    ]
}

References

Affected packages

Packagist / in2code/lux

Package

Name: in2code/lux
Purl: pkg:composer/in2code/lux

Affected ranges

Type: ECOSYSTEM
Events: Introduced

18.0.0

Fixed

24.0.2

Affected versions

18.*

18.0.0

18.1.0

18.1.1

19.*

19.0.0

19.0.1

19.0.2

19.0.3

20.*

20.0.0

20.0.1

20.1.0

20.2.0

20.2.1

20.2.2

21.*

21.0.0

21.1.0

21.2.0

21.3.0

21.4.0

22.*

22.0.0

22.1.0

22.2.0

22.3.0

22.3.1

22.3.2

22.3.3

22.4.0

22.5.0

22.6.0

23.*

23.0.0

23.1.0

23.2.0

23.2.1

23.3.0

24.*

24.0.0

24.0.1

Packagist / in2code/lux

Package

Name: in2code/lux
Purl: pkg:composer/in2code/lux

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

17.6.1

Affected versions

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.1.0

2.2.0

2.3.0

2.3.1

2.4.0

2.5.0

3.*

3.0.0

4.*

4.0.0

4.1.0

4.1.1

4.1.2

4.1.3

5.*

5.0.0

5.1.0

6.*

6.0.0

6.1.0

6.2.0

6.3.0

7.*

7.0.0

7.0.1

7.0.2

7.1.0

7.2.0

7.2.1

7.2.2

7.2.3

7.3.0

8.*

8.0.0

8.0.1

8.1.0

8.1.1

8.2.0

8.2.1

8.2.2

9.*

9.0.0

9.1.0

9.1.1

9.1.2

10.*

10.0.0

10.0.1

10.0.2

10.1.0

10.2.0

10.3.0

10.3.1

10.3.2

10.3.3

11.*

11.0.0

11.1.0

11.2.0

11.2.1

11.3.0

11.3.1

11.3.2

11.4.0

11.5.0

11.6.0

11.7.0

11.7.1

11.8.0

12.*

12.0.0

13.*

13.0.0

13.1.0

13.2.0

13.3.0

13.4.0

13.4.1

13.4.2

14.*

14.0.0

14.0.1

14.0.2

14.0.3

14.1.0

14.2.0

14.3.0

14.3.1

14.3.2

14.4.0

14.4.1

14.4.2

15.*

15.0.0

15.0.1

15.0.2

15.0.3

15.1.0

15.2.0

15.2.1

15.2.2

15.3.0

15.3.1

16.*

16.0.0

16.0.1

16.0.2

17.*

17.0.0

17.0.1

17.0.2

17.1.0

17.1.1

17.1.2

17.2.0

17.2.1

17.2.2

17.2.3

17.3.0

17.4.0

17.4.1

17.5.0

17.6.0