diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java
index 723e1ce44..9b4a44949 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java
@@ -185,7 +185,7 @@ public class SqlInjectionUtil {
 		//value = value.replaceAll("/\\*.*\\*/","");
 
 		for (int i = 0; i < xssArr.length; i++) {
-			if (value.indexOf(xssArr[i]) > -1 || value.startsWith(xssArr[i].trim())) {
+			if ((value.indexOf(xssArr[i]) > -1 || value.startsWith(xssArr[i].trim())) && value.length() == xssArr[i].trim().length()) {
 				log.error("请注意，存在SQL注入关键词---> {}", xssArr[i]);
 				log.error("请注意，值可能存在SQL注入风险!---> {}", value);
 				throw new RuntimeException("请注意，值可能存在SQL注入风险!--->" + value);