CVE-2026-38812

Vulnerability Description

RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information.

Vulnerability Details

Published Date

June 15, 2026

Last Modified

June 15, 2026

Source

NVD

External References

https://github.com/jjcjgo/CVE-2026-38812-RuoYi-SQL-Injection

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment