SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.
References
Configurations
History
15 May 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
Summary | (en) SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine. | |
References |
|
07 Feb 2023, 19:12
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 | |
CPE | cpe:2.3:a:hutool:hutool:5.8.11:*:*:*:*:*:*:* | |
References | (MISC) https://gitee.com/dromara/hutool/issues/I6AJWJ#note_15801868 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Hutool
Hutool hutool |
31 Jan 2023, 17:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-31 16:15
Updated : 2024-05-15 16:15
NVD link : CVE-2023-24163
Mitre link : CVE-2023-24163
CVE.ORG link : CVE-2023-24163
JSON object : View
Products Affected
hutool
- hutool
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')