Amazingday

**Name of the Vulnerable Software and Affected Versions** glorylion JFinalOA version 1.0.2 **Description** A critical issue affects the processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java, where the manipulation of the `id` argument leads to sql injection. The attack can be initiated remotely. **Recommendations** For glorylion JFinalOA version 1.0.2, consider restricting access to the `SysOrg.java` file and avoid using the `id` argument in the affected processing until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.