Donghui Xu created IMPALA-7859: ---------------------------------- Summary: Nessus Scan find CGI Generic SQL Injection. Key: IMPALA-7859 URL: https://issues.apache.org/jira/browse/IMPALA-7859 Project: IMPALA Issue Type: Bug Components: Backend Affects Versions: Impala 2.10.0 Reporter: Donghui Xu
The nessus scan report shows that the 25000 port and the 25020 port contain the risk of SQL injection, as follows: + The following resources may be vulnerable to blind SQL injection : + The 'object_type' parameter of the /catalog_object CGI : /catalog_object?object_name=_impala_builtins&object_type=DATABASEzz_impa la_builtins&object_type=DATABASEyy How can I solve this problem? Thanks. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org