From 1bf9d5e8f229aaab08d182fc669cee0be717e491 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Thu, 23 Nov 2023 19:39:03 +0800
Subject: [PATCH] =?UTF-8?q?Update=20Apache-Submarine-SQL=E6=B3=A8=E5=85=A5?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9ECVE-2023-37924.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Apache-Submarine-SQL注入漏洞CVE-2023-37924.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Apache-Submarine-SQL注入漏洞CVE-2023-37924.md b/Apache-Submarine-SQL注入漏洞CVE-2023-37924.md
index 6aae6eb..62960a8 100644
--- a/Apache-Submarine-SQL注入漏洞CVE-2023-37924.md
+++ b/Apache-Submarine-SQL注入漏洞CVE-2023-37924.md
@@ -7,7 +7,7 @@ Apache Submarine是一个端到端的机器学习平台，允许数据科学家
 0.7.0<=apache-submarine<0.8.0.dev0
 ```
 ## 漏洞点
-从官方修复得代码来看，主要使用mybatis框架，使用了${}造成sql注入漏洞
+从官方修复得代码来看，主要使用mybatis框架，并写法不规范，${}造成sql注入漏洞
 ![](./assets/20231123192338.png)