EPSS Percentile: 53.1%
generator-jhipster is vulnerable to SQL Injection attacks. A remote attacker is able to inject malicious user input via the findAllBy function because the queries passed through criteria are not sanitized.
github.com/jhipster/generator-jhipster/commit/c220a210fd7742c53eea72bd5fadbb96220faa98
github.com/jhipster/generator-jhipster/issues/18269
github.com/jhipster/generator-jhipster/pull/18294
github.com/jhipster/generator-jhipster/security/advisories/GHSA-qjmq-8hjr-qcv6