Unrated severityNVD Advisory· Published Jul 30, 2020· Updated Aug 4, 2024
CVE-2020-16165
CVE-2020-16165
Description
The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Injection in an ORDER BY clause. This is related to the /api/blade-log/api/list ascs and desc parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SpringBlade/SpringBladedescription
- Range: <=2.7.1
Patches
Vulnerability mechanics
References
1- github.com/chillzhuang/SpringBlade/issues/9mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.