Severity: low Description:
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password) Credit: This issue was discovered by Jinchen Sheng of Ant FG Security Lab
