04 Oct 2016
CVE-2016-6652 Vulnerability
SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call. (CVSS:0.0) (Last Update:2016-10-05)
Vulnerability Details : SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call. Publish Date : 2016-10-05 Last Update Date : 2016-10-05 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-6652
- References For CVE-2016-6652
| ||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-6652There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |