Description

The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view

Affected Installs

Joomla! CMS versions 3.5.0 through 3.8.5

Solution

Upgrade to version 3.8.6

SSL Secure Connection