Mura and Masa CMS (Open-source fork) suffer from a SQL injection vulnerability on the JSON API. By crafting a specific HTTP request, a remote and unauthenticated attacker can exploit the vulnerability to gain access to the database and perform arbitrary…Read More