CVE-2023-40787

CVE-2023-40787

EPSS 19.4%

In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://gist.github.com/kaliwin/9d6cf58bb6ec06765cdf7b75e13ee460 https://sword.bladex.cn/