drupal/geolocation is vulnerable to SQL Injection
95
Critical Risk
The Drupal Geolocation module contains a SQL injection vulnerability due to insufficient sanitization in an exposed Views filter. The issue only affects sites with a View that uses the vulnerable filter and is configured to accept user-supplied input.
You are affected if you are using a version that falls within the vulnerable range.
drupal/geolocation is vulnerable to SQL Injection in versions 0.0.1 - 3.14.0.
Upgrade the drupal/geolocation library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant