We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-24163



Assignermitre
Reserved2023-01-23
Published2023-01-31
Updated2024-08-02

Description

SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.

References

https://gitee.com/dromara/hutool/issues/I6AJWJ#note_15801868

https://github.com/dromara/hutool/releases/tag/5.8.21

https://github.com/google/osv.dev/issues/2195

https://gitee.com/dromara/hutool/issues/I6AJWJ#note_20057806_link

https://github.com/dromara/hutool/issues/3149

cve.org CVE-2023-24163

nvd.nist.gov CVE-2023-24163

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.