Apache · Apache Submarine · CVE-2023-37924
**Name of the Vulnerable Software and Affected Versions**
Apache Submarine versions 0.7.0 through 0.7.x
**Description**
The issue is an SQL injection vulnerability in Apache Submarine's user login handling. A remote attacker could use it to execute arbitrary SQL queries, resulting in an unauthorized login.
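To show the class of defect the advisory describes, here is an added example that is not Submarine's code (the Submarine server is written in Java; this is a stand-alone Python toy using sqlite3). The table name `sys_user`, the plaintext password column and the sample user are constructed for the demonstration. It contrasts a login check that splices user input into the SQL text with the hardened form that binds the input as parameters, so the query structure can no longer be altered by the login fields.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory user table (assumption: not the real
    Submarine schema). A real system would store a password hash, not the
    plaintext; that is orthogonal to the injection point shown here."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sys_user (username TEXT, password TEXT)")
    conn.execute("INSERT INTO sys_user VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Anti-pattern: the login fields are interpolated into the SQL string.
    A quote character in either field changes the WHERE clause, so the
    credential check can be satisfied without a valid password."""
    sql = (
        "SELECT username FROM sys_user WHERE username = '%s' "
        "AND password = '%s'" % (username, password)
    )
    row = conn.execute(sql).fetchone()
    return row is not None


def login_parameterized(conn, username, password):
    """Hardened form: placeholders bind the fields as data. The query shape
    is fixed at compile time, so quotes in the input are just characters
    compared against the stored values."""
    row = conn.execute(
        "SELECT username FROM sys_user WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def compare(username, password):
    """Run both variants on the same input and return (vulnerable, hardened)
    so the difference in behaviour is visible as return values."""
    conn = make_db()
    return login_vulnerable(conn, username, password), login_parameterized(
        conn, username, password
    )


if __name__ == "__main__":
    # Valid credentials succeed under both implementations.
    print("valid login   :", compare("alice", "correct-horse"))
    # A tautology in the password field is accepted only by the string-built
    # query; the parameterized query correctly rejects it.
    print("tautology     :", compare("nobody", "' OR '1'='1"))
```

The takeaway for review or detection is the pattern, not the payload: any login path whose SQL text is assembled from request fields is in scope, and the fix is to route every such query through bound parameters (in the Java/MyBatis world the equivalent is `#{}` bindings rather than `${}` string substitution).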
**Recommendations**
For Apache Submarine versions 0.7.0 through 0.7.x, upgrade to version 0.8.0. That release fixes the issue and adds support for the OIDC authentication mode, which removes the possibility of unauthenticated logins.
If you are running a version lower than 0.8.0 and do not want to upgrade, cherry-pick the fixing PR and rebuild the submarine-server image.