[ https://issues.apache.org/jira/browse/IMPALA-7859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16691331#comment-16691331 ]
Donghui Xu commented on IMPALA-7859: ------------------------------------ [~lv] Hi, Lars, would you have a look at this issue please? Thanks. > Nessus Scan find CGI Generic SQL Injection. > ------------------------------------------- > > Key: IMPALA-7859 > URL: https://issues.apache.org/jira/browse/IMPALA-7859 > Project: IMPALA > Issue Type: Bug > Components: Backend > Affects Versions: Impala 2.10.0 > Reporter: Donghui Xu > Priority: Major > > The nessus scan report shows that the 25000 port and the 25020 port contain > the risk of SQL injection, as follows: > + The following resources may be vulnerable to blind SQL injection : > + The 'object_type' parameter of the /catalog_object CGI : > /catalog_object?object_name=_impala_builtins&object_type=DATABASEzz_impa > la_builtins&object_type=DATABASEyy > How can I solve this problem? Thanks. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org