8 matches found
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
CVE-2023-40787
creationtimestamp| type| source ---|---|--- 2023-08-29 16:32:05+00:00| seen| https://t.me/cibsecurity/69350...
org.springblade:blade-core-boot (=3.6.0), org.springblade:blade-core-cloud (=3.6.0) +10 more potentially affected by CVE-2023-40787 via org.springblade:blade-core-tool (=3.6.0)
org.springblade:blade-core-tool MAVEN version =3.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springblade:blade-core-tool and may be impacted: - org.springblade:blade-core-boot =3.6.0 - org.springblade:blade-core-cloud =3.6.0 -...
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
CVE-2023-40787
CVE-2023-40787 affects SpringBlade v3.6.0, where user-submitted SQL parameters are not wrapped in quotes during query execution, enabling SQL injection. Red Hat and multiple feeds corroborate the flaw in SpringBlade’s SQL handling, describing it as a lack of proper parameter quoting that could al...
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
CVE-2023-40787
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...