
Abel533

#25977 of 53,632
9.8 Total CVSS
Vulnerabilities · 1
PT-2022-18817
9.8
2022-05-04
Unknown · Mybatis Pagehelper · CVE-2022-28111
**Name of the Vulnerable Software and Affected Versions**

MyBatis PageHelper versions 1.x.x through 5.3.x

**Description**

A time-blind SQL injection vulnerability was discovered in MyBatis PageHelper via the `orderBy` parameter. This issue allows for potential SQL injection attacks.

**Recommendations**

For MyBatis PageHelper versions 1.x.x through 5.3.x, consider restricting access to the `orderBy` parameter to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the `orderBy` parameter in sensitive queries. At the moment, there is no information about a newer version that contains a fix for this vulnerability.