Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Centralized-Salesforce-Dev-Framework SOQL SObjectService.cls SObjectService injection
Vulnerability Description
A vulnerability was found in Centralized-Salesforce-Dev-Framework. It has been declared as problematic. Affected by this vulnerability is the function SObjectService of the file src/classes/SObjectService.cls of the component SOQL Handler. The manipulation of the argument orderDirection leads to injection. The patch is named db03ac5b8a9d830095991b529c067a030a0ccf7b. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217195.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
输出中的特殊元素转义处理不恰当(注入)
Vulnerability Title
Centralized Salesforce Development Framework 注入漏洞
Vulnerability Description
Centralized Salesforce Development Framework是Scott Covert个人开发者的一个 Force.com 平台上的集中开发框架。 Centralized Salesforce Development Framework 存在注入漏洞,该漏洞源于对参数orderDirection的错误操作导致注入。
CVSS Information
N/A
Vulnerability Type
N/A