Mybatis Plus SQL Injection Vulnerability in Versions Below 3.5.3.1
CVE-2023-25330 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.