CVE-2024-54762 | THREATINT

Description

Ruoyi v.4.7.9 and before contains an authenticated SQL injection vulnerability. This is because the filterKeyword method does not completely filter SQL injection keywords, resulting in the risk of SQL injection.

PUBLISHED Reserved 2024-12-06 | Published 2025-01-09 | Updated 2025-01-10 | Assigner mitre

References

github.com/yangzongzhuan/RuoYi/

locrian-lightning-dc7.notion.site/...1a280b4a549dcce2c4823e8

cve.org (CVE-2024-54762)

nvd.nist.gov (CVE-2024-54762)

Download JSON