Description
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
Remediation
References
https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ
Related Vulnerabilities
CVE-2014-7810 Vulnerability in maven package org.apache.tomcat:tomcat-el-api
CVE-2019-10405 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2020-11990 Vulnerability in npm package cordova-plugin-camera
CVE-2021-32730 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2021-41184 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery-ui