Affected versions: ezsystems/ezcommerce-admin-ui v1.1.3, v1.2.0, ezsystems/ezcommerce-erp-admin v2.5.1
Resolving versions: ezsystems/ezcommerce-admin-ui v220.127.116.11, v18.104.22.168, ezsystems/ezcommerce-erp-admin v22.214.171.124
This Security Advisory is about a vulnerability in Ibexa Commerce. There is an SQL injection vulnerability in EcontentController. The fix is distributed via Composer, see resolving versions above.
If you come across a security issue in our products, here is how you can report it to us: https://doc.ibexa.co/en/latest/guide/reporting_issues/#toc
Have you found a security bug in Ibexa DXP? See how to report it responsibly here: https://doc.ezplatform.com/en/latest/guide/reporting_issues/