A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler.…

A SQL injection vulnerability has been identified in DedeCMS version 5.7.88. The vulnerability exists in the TrimMsg function within the /plus/feedback.php file of the Feedback Handler component. Attackers can exploit this vulnerability by manipulating the 'msg' argument to execute SQL injection attacks. The vulnerability can be exploited remotely, making it particularly dangerous. The exploit has been publicly disclosed and is available for use, increasing the risk of active exploitation. This affects the content management system's feedback functionality and could allow unauthorized database access.