Querydsl: HQL Injection (CVE-2024-49203) – Critical

2024-11-28

Platform: Querydsl (with JPA)
Version: Not specified (but vulnerable in versions up to 6.8.0)
Vulnerability: HQL Injection (Blind)
Severity: Critical
Date: CVE identifier assigned in 2024

What Undercode Says:

This critical vulnerability in Querydsl (when used with JPA) allows attackers to inject HQL queries through user-controlled input. This can lead to sensitive information disclosure and denial-of-service attacks.

The vulnerability resides in the `orderBy` method and how it handles user-supplied data. By crafting a special URL parameter, an attacker can trick the application into executing arbitrary HQL queries.

The article provides Proof-of-Concept (PoC) code demonstrating how the vulnerability is triggered, and details the environment used to reproduce the issue (including libraries and versions).

Here’s how to protect yourself:

Upgrade Querydsl to a patched version (after 6.8.0).

Use parameterized queries to prevent HQL injection.

Validate and sanitize all user input before using it in queries.
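An added illustration of the last two points, not code from the advisory or from the Querydsl project: the risky pattern turns a request parameter directly into an `orderBy` expression, while the hardened version only lets the client choose a key from an allow-list of typed Q-class paths. The `User` entity, its generated `QUser` metamodel and the field names are assumptions.

```java
import com.querydsl.core.types.Order;
import com.querydsl.core.types.OrderSpecifier;
import com.querydsl.core.types.dsl.ComparableExpressionBase;
import com.querydsl.core.types.dsl.Expressions;
import com.querydsl.jpa.impl.JPAQueryFactory;
import jakarta.persistence.EntityManager;
import java.util.List;
import java.util.Map;

// Assumption: User is a JPA entity with fields username and createdAt,
// and QUser is the Querydsl-generated metamodel for it.
public class UserSortingExample {

    // Risky pattern: the sort field arrives straight from the request and is
    // wrapped into a path expression, so client-supplied text reaches the HQL
    // that orderBy emits. Shown only to contrast with the hardened version.
    static OrderSpecifier<?> unsafeOrder(String sortParam) {
        return new OrderSpecifier<>(Order.ASC, Expressions.stringPath(sortParam));
    }

    // Hardened pattern: the request may only select a key from a fixed map;
    // the expressions are built from typed Q-class fields, never from user text.
    private static final Map<String, ComparableExpressionBase<?>> SORTABLE = Map.of(
            "username", QUser.user.username,
            "created", QUser.user.createdAt);

    static OrderSpecifier<?> safeOrder(String sortParam, boolean descending) {
        ComparableExpressionBase<?> column = SORTABLE.get(sortParam);
        if (column == null) {
            // Reject anything outside the allow-list instead of passing it through.
            throw new IllegalArgumentException("unsupported sort field");
        }
        return descending ? column.desc() : column.asc();
    }

    // The query itself stays fully typed; user input only picks the map key.
    static List<User> listUsers(EntityManager em, String sortParam, boolean descending) {
        JPAQueryFactory queryFactory = new JPAQueryFactory(em);
        return queryFactory.selectFrom(QUser.user)
                .orderBy(safeOrder(sortParam, descending))
                .limit(50)
                .fetch();
    }
}
```

The same allow-list approach applies to any other query fragment (filter column, direction, page size) that a request is allowed to influence; the upgrade in the first recommendation is still required, since the allow-list protects only the call sites you control.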

References:

Reported By: Github.com
Undercode AI: https://ai.undercodetesting.com
