A vulnerability classified as critical has been found in Apache Cocoon =2.2.x. Affected is an unknown function. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2022-45135. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.