216.73.216.197

CVE-2025-56316

· Published 17/10/2025 19:15 · Modified 17/10/2025 19:15

Labels: CVE-2025-56316 2025-10-17CVE-2025-56316[email protected]

Essential information

Published
17/10/2025 19:15
Modified
17/10/2025 19:15
Author
Creator
CISA KEV
No
CWE

Description

A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
mcms / mcms cpe:2.3:a:mcms:mcms:5.5.0:*:*:*:*:*:*:*

References