From 524ad4e6ddc04f2f0cfacb33f42c2f022629bbbb Mon Sep 17 00:00:00 2001
From: abbfun <819589789@qq.com>
Date: 星期一, 23 五月 2022 15:36:18 +0800
Subject: [PATCH] fastjson 版本升级 fastjson <= 1.2.80 存在反序列化任意代码执行漏洞

---
 ruoyi-system/src/main/resources/mapper/system/SysNoticeMapper.xml |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/ruoyi-system/src/main/resources/mapper/system/SysNoticeMapper.xml b/ruoyi-system/src/main/resources/mapper/system/SysNoticeMapper.xml
index 76caf2d..6915a14 100644
--- a/ruoyi-system/src/main/resources/mapper/system/SysNoticeMapper.xml
+++ b/ruoyi-system/src/main/resources/mapper/system/SysNoticeMapper.xml
@@ -18,7 +18,7 @@
     </resultMap>
     
     <sql id="selectNoticeVo">
-        select notice_id, notice_title, notice_type, notice_content, status, create_by, create_time, update_by, update_time, remark 
+        select notice_id, notice_title, notice_type, cast(notice_content as char) as notice_content, status, create_by, create_time, update_by, update_time, remark 
 		from sys_notice
     </sql>
     

--
Gitblit v1.9.2