cve/2023/CVE-2023-43667.md

### [CVE-2023-43667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43667)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20InLong&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.4.0%3C%3D%201.8.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)

### Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false records, making it harder to auditand trace malicious activities. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it.[1]  https://github.com/apache/inlong/pull/8628 

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/miguelc49/CVE-2023-43667-1
- https://github.com/miguelc49/CVE-2023-43667-2
- https://github.com/miguelc49/CVE-2023-43667-3
- https://github.com/nomi-sec/PoC-in-GitHub
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								### [CVE-2023-43667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43667)
 								![](https://img.shields.io/static/v1?label=Product&message=Apache%20InLong&color=blue)
 								![](https://img.shields.io/static/v1?label=Version&message=1.4.0%3C%3D%201.8.0%20&color=brighgreen)
 								![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
 								### Description
 								Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false records, making it harder to auditand trace malicious activities. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it.[1]  https://github.com/apache/inlong/pull/8628
 								### POC
 								#### Reference
 								No PoCs from references.
 								#### Github
 								- https://github.com/fkie-cad/nvd-json-data-feeds
-												Update CVE sources 2024-05-28 08:49

											
										
										
											2024-05-28 08:49:17 +00:00
+								- https://github.com/miguelc49/CVE-2023-43667-1
 								- https://github.com/miguelc49/CVE-2023-43667-2
 								- https://github.com/miguelc49/CVE-2023-43667-3
 								- https://github.com/nomi-sec/PoC-in-GitHub
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00