RuoYi CMS · CVE-2024-42913
**Name of the Vulnerable Software and Affected Versions**
RuoYi CMS versions prior to 4.7.9
**Description**
RuoYi CMS contains a SQL injection vulnerability that can be exploited via the `job id` parameter at the "/sasfs1" endpoint. An unauthenticated attacker can manipulate the `job id` value and potentially compromise data. The vulnerability affects on-prem deployments.
**Recommendations**
For versions prior to 4.7.9, upgrade to a version greater than 4.7.9 to mitigate the risks. As a temporary workaround, consider restricting access to the "/sasfs1" endpoint or avoiding the use of the `job id` parameter until the issue is resolved.