oss-sec mailing list archives

CVE-2021-26558: Apache ShardingSphere-UI: Deserialization of Untrusted Data


From: Juan Pan <panjuan () apache org>
Date: Thu, 11 Nov 2021 03:08:08 +0000

Severity: low

Description:

A Deserialization of Untrusted Data vulnerability in Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI version 4.1.1 and later versions; Apache ShardingSphere-UI versions prior to 5.0.0.

Mitigation:

This issue is related to the ShardingSphere-UI project. If you do not deploy the UI project, you are not required to upgrade. Otherwise, the vulnerability of servers that deploy the UI project, or a version upgrade, should be considered.

