Описание
Jeecg-boot SQL Injection vulnerability
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Пакеты
Наименование
org.jeecgframework.boot:jeecg-boot-parent
maven
Затронутые версииВерсия исправления
<= 3.5.0
Отсутствует
Связанные уязвимости
CVSS3: 5.5
nvd
больше 2 лет назад
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.