Block or Report
Block or report abel533
Report abuse
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abusePinned
224 contributions in the last year
Contribution activity
June 2022
Created 6 commits in 4 repositories
Opened 1 pull request in 1 repository
mybatis-mapper/provider
1
closed
Created an issue in pagehelper/Mybatis-PageHelper that received 7 comments
关于 CVE-2022-28111漏洞!!!
这种漏洞应该在调用方通过正则或者白名单处理,有些人的需求会用到函数等各种复杂排序,因此分页插件不做校验。 如果你从前端传递一个 SQL 用 JDBC 原生方式执行,你是不是发现了一个天大的漏洞? 如果JDBC不做处理,是不是就不用 JDBC 了? 如果这个漏洞会影响你们项目选择分页插件,可以在…
7
comments