2024-11-28
Platform: Querydsl (with JPA)
Version: Not specified (but vulnerable in versions up to 6.8.0)
Vulnerability: HQL Injection (Blind)
Severity: Critical
Date: Assigned CVE identifier in 2024
What Undercode Says:
This critical vulnerability in Querydsl (when used with JPA) allows attackers to inject HQL into queries through user-controlled input. The impact is sensitive information disclosure and denial of service.
The vulnerability resides in the `orderBy` method's handling of user-supplied data. By crafting a special URL parameter, an attacker can make the application execute arbitrary HQL in the query it builds.
The article provides a Proof-of-Concept (PoC) code demonstrating how to exploit this vulnerability. It also details the environment used to reproduce the issue (including libraries and versions).
Here’s how to protect yourself:
Upgrade Querydsl to a patched version (after 6.8.0).
Use parameterized queries to prevent HQL injection.
Validate and sanitize all user input before using it in queries.
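The following is an added example written for this summary, not code from the original report or from the Querydsl project. It shows the allowlist approach behind the third mitigation above, applied to the `orderBy` case: an `ORDER BY` target is a column reference, not a value, so it cannot be bound as a query parameter the way a `WHERE` value can; the request string must therefore never be turned into a Querydsl expression directly, only used as a lookup key into a fixed set of paths. `QUser`, `User` and its fields (`username`, `createdAt`, `id`) are assumed Querydsl-generated classes for the example, and the request format `field,dir` (e.g. `username,desc`) is an assumption as well.

```java
import com.querydsl.core.types.Order;
import com.querydsl.core.types.OrderSpecifier;
import com.querydsl.core.types.dsl.ComparableExpressionBase;
import com.querydsl.jpa.impl.JPAQueryFactory;
import java.util.List;
import java.util.Locale;
import java.util.Map;

/**
 * Allowlist-based mapping from a request sort parameter to a Querydsl OrderSpecifier.
 * QUser / User are assumed Querydsl-generated classes for this example (not from the page).
 * Request format "field,dir" (e.g. "username,desc") is also an assumption.
 */
public final class SafeSort {

    // Only these names are ever turned into ORDER BY columns. The request string is
    // used purely as a map key and never reaches the generated query text.
    private static final Map<String, ComparableExpressionBase<?>> SORTABLE = Map.of(
        "username", QUser.user.username,   // assumed StringPath
        "createdAt", QUser.user.createdAt, // assumed DateTimePath<LocalDateTime>
        "id", QUser.user.id                // assumed NumberPath<Long>
    );

    private static final OrderSpecifier<?> DEFAULT = QUser.user.id.asc();

    private SafeSort() {}

    /** Parses "field[,asc|desc]" and returns a pre-declared OrderSpecifier, or throws. */
    public static OrderSpecifier<?> fromRequest(String raw) {
        if (raw == null || raw.isBlank()) {
            return DEFAULT;
        }
        String[] parts = raw.split(",", 2);
        String field = parts[0].trim();
        Order dir = Order.ASC;
        if (parts.length == 2) {
            String d = parts[1].trim().toLowerCase(Locale.ROOT);
            if (d.equals("desc")) {
                dir = Order.DESC;
            } else if (!d.equals("asc")) {
                // Do not echo the rejected value: it is attacker-controlled.
                throw new IllegalArgumentException("unsupported sort direction");
            }
        }
        ComparableExpressionBase<?> path = SORTABLE.get(field);
        if (path == null) {
            throw new IllegalArgumentException("unsupported sort field");
        }
        // asc()/desc() on a known path produce the OrderSpecifier; no string is parsed as HQL.
        if (dir == Order.DESC) {
            return path.desc();
        }
        return path.asc();
    }

    /** Typical repository use; queryFactory is an injected JPAQueryFactory. */
    public static List<User> findAllSorted(JPAQueryFactory queryFactory, String sortParam) {
        return queryFactory.selectFrom(QUser.user)
                .orderBy(fromRequest(sortParam))
                .fetch();
    }
}
```

The design point is that the only strings that can influence the generated HQL are the keys of `SORTABLE`, which the application author wrote. Anything else is rejected with a generic error before a query is built, and the rejected value is not reflected back to the client. Upgrading Querydsl as the first step above remains necessary; this mapping is the application-side control that keeps user input out of `orderBy` regardless of the library version.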
References:
Reported By: Github.com