CVE-2023-43192

Name of the Vulnerable Software and Affected Versions SpringbootCMS version 1.0 JFinalcms (affected versions not specified)

Description The issue exists in a newly created part of the background, where parameters submitted by users are not filtered. This allows special characters in parameters to destroy the original logic of SQL statements, enabling attackers to execute any SQL statement.

Recommendations For SpringbootCMS version 1.0, consider filtering user-submitted parameters to prevent SQL injection attacks. For JFinalcms, at the moment, there is no information about a newer version that contains a fix for this vulnerability.