CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24815 – SQL Injection when creating an application with Reactive SQL backend
https://notcve.org/view.php?id=CVE-2022-24815
11 Apr 2022 — JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures. SQL Injection vulnerability in entities for applications generated with the option "reactive with Spring WebFlux" enabled and an SQL database using r2dbc. Applications created without "reactive with Spring WebFlux" and applications with NoSQL databases are not affected. Users who have generated a microservice Gateway using the affected version may be impacted as Gateways are reacti... • https://github.com/jhipster/generator-jhipster/commit/c220a210fd7742c53eea72bd5fadbb96220faa98 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •