An issue was discovered in MRCMS (aka mushroom) through 3.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQLi
Java
Mushroom Content Management System
NVD
GitHub
CVSS 3.0
9.8
EPSS
1.5%