Vulnerability Details CVE-2025-56316
A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.5%
CVSS Severity
CVSS v3 Score 9.8
References