From c24cd14fd700b2846623d0c3e9683adb30c7062b Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 五月 2021 17:55:05 +0800
Subject: [PATCH] 修复两处存在SQL注入漏洞问题

---
 src/main/resources/mybatis/system/SysNoticeMapper.xml |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/main/resources/mybatis/system/SysNoticeMapper.xml b/src/main/resources/mybatis/system/SysNoticeMapper.xml
index c12816a..92a3335 100644
--- a/src/main/resources/mybatis/system/SysNoticeMapper.xml
+++ b/src/main/resources/mybatis/system/SysNoticeMapper.xml
@@ -18,7 +18,7 @@
     </resultMap>
     
     <sql id="selectNoticeVo">
-        select notice_id, notice_title, notice_type, notice_content, status, create_by, create_time, update_by, update_time, remark 
+        select notice_id, notice_title, notice_type, cast(notice_content as char) as notice_content, status, create_by, create_time, update_by, update_time, remark 
 		from sys_notice
     </sql>
     

--
Gitblit v1.9.3