[HIGH] elFinder MySQL has a SQL Injection in its Volume Driver (elFinderVolumeMySQL)

PKSA-42xd-jnjn-nrty CVE-2026-44521 GHSA-c3gj-q88f-7hqj

Affected package: studio-42/elfinder

Affected version: <=2.1.67

Reported by:
GitHub