JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component getWorkFlowHis?insid.Referenceshttps://gitee.com/r1bbit/JFinalOA/issues/IBHURT
