[net.mingsoft:ms-mcms] SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-23898
• https://github.com/ming-soft/MCMS/issues/62
• https://github.com/advisories/GHSA-p94q-9q2m-pfh2