Skip to content

SPEL漏报问题 #25

New issue
New issue
Open
Bug
Open
SPEL漏报问题#25
Bug
Labels
bugSomething isn't working
@Sp4rks3

Description

@Sp4rks3
Sp4rks3
opened on May 16, 2025

审计代码为datagear4.6.0 (https://github.com/datageartech/datagear/tree/v4.6.0)
尝试使用插件复现issuse的漏洞 datageartech/datagear#32

使用sink查找器,RCE下SPEL_RCE的sink类为org.springframework.expression.ExpressionParser#parseExpression(java.lang.String),sink方法为parseExpression。

并不能找到org.datagear.persistence.support.ConversionSqlParamValueMapper#evaluateVariableExpression中的
org.springframework.expression.common.TemplateAwareExpressionParser#parseExpression(java.lang.String)

(如是我使用方式有问题,请忽略这条issue)

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions