CNNVD-202511-1932 Information

Nov 17, 2025 cve

CNNVD ID

CNNVD-202511-1932

CVE-2025-13268

  • CNNVD Published: 2025-11-17

Description (Chinese)

dataCompare是dromara开源的一个大数据比较与分析平台。 dataCompare 1.0.1及之前版本存在安全漏洞,该漏洞源于对文件src/main/java/com/vince/xq/project/system/dbconfig/service/DbconfigServiceImpl.java中函数DbConfig的错误操作,可能导致注入攻击。

Description (English)

Datacompare is a large data comparison and analysis platform for an open source of domara. Datacompare 1.0.1 and previous versions contain a security loophole, which stems from an error in the central function of dbConfig/dbconfigServiceImpl.java for document src/main/java/com/vince/xq/project/system/dbconfig/service/dbconfigServiceImpl.java, which may result in an injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

dromara

Published

2025-11-17

Last Modified

2026-02-24

References

https://vuldb.com/?id.332603 https://github.com/dromara/dataCompare/issues/13 https://vuldb.com/?ctiid.332603 https://vuldb.com/?submit.689460 https://access.redhat.com/security/cve/cve-2025-13268

Share on: