An SQL injection vulnerability has been reported in dotCMS H2 Database. The vulnerability is due to insufficient validation of the inode parameter in HTTP request sent to the getCreateSortChildren function. A remote attacker could exploit this vulnerability by sending a malicious HTTP request to the target server.