RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the injection of malicious code.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-10-07 18:15
Updated : 2024-10-10 12:57
NVD link : CVE-2024-46076
Mitre link : CVE-2024-46076
CVE.ORG link : CVE-2024-46076
JSON object : View
Products Affected
No product.
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')