SQL Injection Vulnerability in Apache DolphinScheduler
CVE-2021-27644 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)
Learn more about our Cis Benchmark Audit For Apache Http Server.