CVE-2022-28111: MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter

Severity: Critical

CVSS Score: 9.8

MyBatis PageHelper v1.x.x-v3.7.0 v4.0.0-v5.0.0,v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.