SQL Injection in github.com/flipped-aurora/gin-vue-admin

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occur. Users must: Require JWT login） and be using PostgreSQL to be affected. This issue has been resolved in version 2.5.1. There are no known workarounds.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Gin-Vue-Admin SQL注入漏洞

Gin-Vue-Admin是一个基于 Vue 和 Gin 开发的全栈前开发基础平台。 Gin-Vue-Admin 存在SQL注入漏洞，目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

N/A

N/A