SQL Injection Vulnerability in Apache DolphinScheduler

SQL Injection Vulnerability in Apache DolphinScheduler

CVE-2021-27644 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)

Learn more about our Cis Benchmark Audit For Apache Http Server.