EPSS
Percentile
39.3%
JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.
labs.integrity.pt/advisories/cve-2015-7342/