Skip to content
This repository has been archived by the owner on Jul 10, 2024. It is now read-only.

[hotfix] fix security risk of SQL injection #1121

Merged
merged 1 commit into from
Mar 27, 2024
Merged

Conversation

xunliu
Copy link
Member

@xunliu xunliu commented Mar 27, 2024

What type of PR is it?

[Hot Fix]

Screenshots (if appropriate)

GET /api/sys/duplicateCheck?tableName=sys_user&fieldName=1+*+and+user_name&fieldVal=admin HTTP/1.1
Host: 192.168.153.129:32080
Accept: application/json, text/plain, */*
User-Agent: OpenAPI-Generator/v2/python
Referer: http://192.168.153.129:32080/workbench/manager/user
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

Questions:

  • Do the license files need updating? Yes/No
  • Are there breaking changes for older versions? Yes/No
  • Does this need new documentation? Yes/No

@xunliu xunliu merged commit 4e68894 into apache:master Mar 27, 2024
11 of 13 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant