CVE-2021-27644
published 2021-11-01CVE-2021-27644: In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | dolphinscheduler | < 1.3.6 | 1.3.6 |
| apache_software_foundation | apache_dolphinscheduler | >= Apache DolphinScheduler < 1.3.6 | 1.3.6 |