GitHub

[Bug] v2.1.20 Critical Security Vulnerability: SQL Injection in previewData Endpoint via Variable Substitution #18081

SQL Parsing & Sandboxing: Use a robust SQL parser (like JSqlParser) to analyze the final SQL and ensure it only performs SELECT operations and does not contain unauthorized clauses or multiple ...