Description: | | Yibao OA is an enterprise-level office automation system designed to help enterprises achieve efficient collaborative work and business process management. Yibao OA provides a series of powerful tools, including but not limited to process approval, document management, scheduling, collaborative office, personnel management, etc., to provide an integrated solution for enterprises. Yibao OA have SQL injection vulnerabilities, the vulnerability is due to system effectively filter ExecuteSqlForDataSet interface to user input, lead to a malicious attacker can be SQL injection string concatenation. |