GHSA-9v66-9239-cqv2: Jeecg-boot SQL Injection vulnerability
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Moderate severity • GitHub Reviewed • Published Aug 17, 2023 to the GitHub Advisory Database • Updated Aug 18, 2023
Related news
CVE-2023-38905: [CVE-2023-38905] sys/duplicate/check SQL injection · Issue #4737 · jeecgboot/jeecg-boot
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
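For triage, the following added example (not code from the advisory or from the Jeecg-boot project) scans access-log lines for requests to `sys/duplicate/check` whose query string names one of the delay functions listed above, and notes whether the response was actually slow. The log layout, the context path, the parameter name `v` and the sample lines are assumptions constructed for illustration; only GET query strings are inspected.

```python
import re
from urllib.parse import urlsplit, unquote_plus

ENDPOINT = "sys/duplicate/check"  # path named in the linked issue title
# Function names listed in the advisory; WAITFOR is matched as "WAITFOR DELAY".
DELAY_FUNCS = re.compile(
    r"\b(benchmark|pg_sleep|dbms_lock\.sleep|decode|dbms_pipe\.receive_message)\s*\("
    r"|\bwaitfor\s+delay\b",
    re.IGNORECASE,
)
# Assumed access-log layout: <ip> "<METHOD> <url> <proto>" <status> <seconds>
LOG_LINE = re.compile(r'^(\S+) "(\S+) (\S+) [^"]*" (\d{3}) ([\d.]+)$')

# Constructed sample lines; parameter name "v" and the context path are placeholders.
SAMPLE = [
    '203.0.113.7 "GET /jeecg-boot/sys/duplicate/check?v=abc HTTP/1.1" 200 0.021',
    '203.0.113.9 "GET /jeecg-boot/sys/duplicate/check?v=1%20PG_SLEEP%285%29 HTTP/1.1" 200 5.030',
    '203.0.113.9 "GET /jeecg-boot/sys/duplicate/check?v=waitfor%2520delay%2520x HTTP/1.1" 200 5.012',
    '203.0.113.4 "GET /jeecg-boot/sys/user/list?v=decode%281%29 HTTP/1.1" 200 0.010',
]

def decode_repeatedly(text, rounds=3):
    """Undo up to `rounds` layers of URL encoding so double-encoded input is seen."""
    for _ in range(rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def scan(lines, slow_seconds=3.0):
    """Return one finding per request to ENDPOINT whose query names a delay function."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_LINE.match(line.strip())
        if not m:
            continue
        ip, _method, url, _status, seconds = m.groups()
        parts = urlsplit(url)
        if ENDPOINT not in parts.path:
            continue
        hit = DELAY_FUNCS.search(decode_repeatedly(parts.query))
        if hit:
            findings.append({
                "line": lineno, "ip": ip,
                "function": (hit.group(1) or "waitfor").lower(),
                "slow": float(seconds) >= slow_seconds,  # delay actually observed
            })
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A match with `slow` set is the stronger signal; `decode` alone is a common function name and is worth reviewing rather than alerting on.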