
SQL Injection in Ghost Content API (CVE-2026-26980)

Ghost versions 3.24.0 through 6.19.0 contain a critical SQL injection vulnerability in the Content API. It allows unauthenticated attackers to execute unauthorized SQL commands, which may lead to data exposure or unauthorized modification.

CVE-2026-26980 | GHSA-w52v-v783-gw97 | CWE-89

Impact

Ghost versions 3.24.0 through 6.19.0 are affected by a critical SQL injection vulnerability in the Content API [S1]. An unauthenticated attacker can use this flaw to execute SQL commands against the underlying database [S2]. Successful exploitation may result in disclosure of sensitive user data or unauthorized modification of site content [S3]. The vulnerability has been assigned a CVSS score of 9.4, reflecting its critical severity [S2].

Root Cause

The issue stems from improper input validation within the Ghost Content API [S1]. Specifically, the application fails to properly sanitize user-supplied data before incorporating it into SQL queries [S2]. This allows an attacker to alter the structure of a query by injecting malicious SQL fragments [S3].

Affected Versions

Ghost versions from **3.24.0 up to and including 6.19.0** are vulnerable to this issue [S1][S2].

Remediation

Administrators should upgrade their Ghost installation to version 6.19.1 or later to resolve this vulnerability [S1]. That release includes patches that properly sanitize the input used in Content API queries [S3].

Identifying the Vulnerability

Identifying this vulnerability involves checking the installed version of the ghost package against the affected range (3.24.0 through 6.19.0) [S1]. Systems running these versions are considered at high risk of SQL injection through the Content API [S2].
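As an added, defender-side example (not code from this advisory or from the Ghost project), the check below classifies a Ghost version string against the range stated above using semver ordering, so that a pre-release such as 6.19.1-rc.1 is still reported as unfixed; the `current/package.json` location is an assumption about the ghost-cli install layout.

```python
# Added detection helper, not code from the advisory or the Ghost project.
# Classifies a Ghost version against the CVE-2026-26980 range (3.24.0 <= v <= 6.19.0,
# fixed in 6.19.1) with semver ordering: a pre-release ranks below its release.
import json
import re
from pathlib import Path

AFFECTED_MIN = (3, 24, 0)   # first affected release (from the advisory)
FIXED = (6, 19, 1)          # first fixed release (from the advisory)

SEMVER_RE = re.compile(
    r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$"
)

def parse_version(text):
    """Return ((major, minor, patch), prerelease_or_None); build metadata is ignored."""
    m = SEMVER_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a semver version string: {text!r}")
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4)

def at_least(version, release):
    """True if a parsed version is >= a plain release tuple (pre-releases rank below it)."""
    core, prerelease = version
    return core > release or (core == release and prerelease is None)

def is_affected(version_text):
    """True when AFFECTED_MIN <= version < FIXED, i.e. inside the advisory's range."""
    v = parse_version(version_text)
    return at_least(v, AFFECTED_MIN) and not at_least(v, FIXED)

def version_from_package_json(text):
    """Extract the version from a ghost package.json document (string, read from disk or constructed)."""
    data = json.loads(text)
    if data.get("name") != "ghost":
        raise ValueError(f"package.json describes {data.get('name')!r}, not ghost")
    return data["version"]

def installed_version(install_root):
    # Assumption: a ghost-cli install exposes the running version at <root>/current/package.json.
    return version_from_package_json((Path(install_root) / "current" / "package.json").read_text())

def verdict(version_text):
    if is_affected(version_text):
        return f"{version_text}: AFFECTED by CVE-2026-26980, upgrade to 6.19.1 or later"
    return f"{version_text}: not in the affected range"

if __name__ == "__main__":
    for v in ("3.23.9", "3.24.0", "5.80.0", "6.19.0", "6.19.1-rc.1", "6.19.1"):  # constructed
        print(verdict(v))
```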