| Título | erupts erupt erupt <= 1.13.3 Improper Input Validation |
|---|
| Descrição | Erupt contains a HQL (Hibernate Query Language) injection vulnerability in the table query functionality. The sort.field parameter from user requests is directly concatenated into the ORDER BY clause without validation or parameterization, allowing authenticated attackers to inject arbitrary HQL expressions. This enables cross-table data exfiltration through boolean-based blind injection techniques. |
|---|
| Fonte | ⚠️ https://fx4tqqfvdw4.feishu.cn/docx/ETWUdbPk1oCC56xoEWHc3Q28nEc?from=from_copylink |
|---|
| Utilizador | xcxr (UID 86629) |
|---|
| Submissão | 09/03/2026 07h50 (há 2 meses) |
|---|
| Moderação | 22/03/2026 12h59 (13 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 352431 [erupts erupt até 1.13.3 EruptJpaUtils.java geneEruptHqlOrderBy sort.field Injeção SQL] |
|---|
| Pontos | 20 |
|---|