CVE-2022-27360

CVE-2022-27360

EPSS 2.0%

SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://forum.butian.net/share/1089 https://gitee.com/smallc/SpringBlade/blob/master/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml https://saber.bladex.vip/#/login