CVE-2022-45135

CVE-2022-45135: Apache Cocoon: SQL injection in DatabaseCookieAuthenticatorAction

Vendor Apache Software Foundation

Product Apache Cocoon

Weakness CWE-89 · SQLi

Published November 30, 2023

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.

Key dates

Disclosure timeline

November 30, 2023 CVE published

February 13, 2025 Record updated