| Field | Value |
|---|---|
| Title | erupts erupt erupt <= 1.13.3 Improper Input Validation |
| Description | Erupt contains an HQL (Hibernate Query Language) injection vulnerability in the table query functionality. The sort.field parameter from user requests is directly concatenated into the ORDER BY clause without validation or parameterization, allowing authenticated attackers to inject arbitrary HQL expressions. This enables cross-table data exfiltration through boolean-based blind injection techniques. |
| Source | https://fx4tqqfvdw4.feishu.cn/docx/ETWUdbPk1oCC56xoEWHc3Q28nEc?from=from_copylink |
| User | xcxr (UID 86629) |
| Submitted | 2026-03-09 07:50 AM (2 months ago) |
| Moderation | 2026-03-22 12:59 PM (13 days later) |
| Status | Accepted |
| VulDB Entry | 352431 [erupts erupt up to 1.13.3 EruptJpaUtils.java geneEruptHqlOrderBy sort.field SQL injection] |
| Points | 20 |