Miggo Logo
Miggo Vulnerability Database
CVE-2025-56316

CVE-2025-56316: MCMS vulnerable SQL injection via the content_title parameter

9.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2025-56316
GHSA ID
GHSA-54wc-49qj-5ghj
EPSS Score
0.2455%
CWE
CWE-89
Published
10/17/2025
Updated
10/21/2025
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
net.mingsoft:ms-mcmsmaven>= 5.5.0, < 6.0.26.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

* SQL inj**tion vuln*r**ility in t** *ont*nt_titl* p*r*m*t*r o* t** /*ms/*ont*nt/list *n*point in M*MS *.*.* t*rou** *.*.* *llows r*mot* *tt**k*rs to *x**ut* *r*itr*ry SQL qu*ri*s vi* uns*nitiz** input in t** *r**M*rk*r t*mpl*t* r*n**rin*.

Reasoning

No *n*lysis *v*il**l*