8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.7%
ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleController.class.php and is exploitable by normal authenticated users via the post[id][1] parameter in an article edit_post action.
github.com/thinkcmf/cmfx/issues/26