CVE-2020-10243

An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt