Tobbe

**Name of the Vulnerable Software and Affected Versions** yangzongzhuan RuoYi versions up to 4.8.1 **Description** A security flaw has been discovered in yangzongzhuan RuoYi. This impacts the `filterKeyword` function of the file `/com/ruoyi/common/utils/sql/SqlUtil.java` within the Blacklist Handler component, resulting in SQL injection. The attack may be launched remotely. **Recommendations** Versions prior to 4.8.1 should be used.