High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-13	CVE-2020-5257	SQL Injection vulnerability in Thoughtbot Administrate In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. network low complexity thoughtbot CWE-89	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.