Critical severity9.8NVD Advisory· Published May 4, 2022· Updated Jun 17, 2026
CVE-2022-28111
CVE-2022-28111
Description
MyBatis PageHelper v1.x.x-v3.7.0 v4.0.0-v5.0.0,v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.github.pagehelper:pagehelperMaven | >= 3.5.0, < 5.3.1 | 5.3.1 |
Affected products
2- MyBatis/PageHelperdescription
Patches
Vulnerability mechanics
References
8- github.com/yangfar/CVE/blob/main/CVE-2022-42227.mdnvdExploitThird Party AdvisoryWEB
- www.cnblogs.com/secload/articles/16061420.htmlnvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-w559-623p-vfg8ghsaADVISORY
- github.com/pagehelper/Mybatis-PageHelper/issues/674nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-28111ghsaADVISORY
- pagehelper.github.ionvdProductThird Party Advisory
- github.com/pagehelper/Mybatis-PageHelper/commit/554a524af2d2b30d09505516adc412468a84d8faghsaWEB
- pagehelper.github.ioghsaWEB
News mentions
0No linked articles in our index yet.