CVE-2020-15311

CVE-2020-15311

Stash 1.0.3 allows SQL Injection via the downloadmp3.php download parameter.

Source: CVE-2020-15311