admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Apache-Submarine-SQL注入漏洞CVE-2023-37924.md

Browse Source
This commit is contained in:
wy876 2023-11-23 19:39:03 +08:00 committed by GitHub
parent f49b0339ce
commit 1bf9d5e8f2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Apache-Submarine-SQL注入漏洞CVE-2023-37924.md
View File

@ -7,7 +7,7 @@ Apache Submarine是一个端到端的机器学习平台允许数据科学家
0.7.0<=apache-submarine<0.8.0.dev0
```
## 漏洞点
从官方修复得代码来看主要使用mybatis框架使用了${}造成sql注入漏洞
从官方修复得代码来看主要使用mybatis框架并写法不规范,${}造成sql注入漏洞
![](./assets/20231123192338.png)