用友致远A6协同系统createMysql.jsp信息泄露

该漏洞泄露了数据库用户的账号，密码hash.code 区域/yyoa/createMysql.jsp /yyoa/ext/createMysql.jsp该文件的代码为：%@ page language="java" % %@ page session="true" % %@ page isThreadSafe="true" % %@ page import="java.sql.,net.btdz.oa.common." % % CommonSql.exeUpdate"DELETE FROM mysql.user WHERE User = 'cubetech' ";...