CVE-2025-27522: Apache InLong: JDBC Vulnerability during verification processing

CVSS Score (CVSS 3.1): 6.5

Basic Information

EPSS Score: 0.39964%
Published: 5/28/2025
Updated: 5/28/2025
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Package Name: org.apache.inlong:manager-pojo
Ecosystem: maven
Vulnerable Versions: >= 1.13.0, < 2.2.0
First Patched Version: 2.2.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability lies in the case-sensitive checking of sensitive parameters within JDBC URLs, specifically in the MySQLSensitiveUrlUtils.containSensitiveKey method. Parameters like autoDeserialize, allowLoadLocalInfile, and allowUrlInLocalInfile are intended to be disabled or handled carefully. The original code checked for these parameters using exact string matches (e.g., key + "=true"). An attacker could bypass this check by using mixed casing (e.g., autoDeserialize=TRue). This bypass would mean that the MySQLSensitiveUrlUtils.filterSensitive method, which relies on containSensitiveKey, would fail to remove or neutralize these dangerous parameters. Consequently, higher-level functions like MySQLSinkDTO.filterSensitive that use these utilities would operate on unsanitized JDBC URLs. If such a URL with a parameter like autoDeserialize=TRue (bypassing the filter) is used to establish a JDBC connection, it could lead to deserialization of untrusted data, as indicated by the CVE description (CWE-502). The patch addresses this by changing the checks in containSensitiveKey to be case-insensitive using StringUtils.containsIgnoreCase.
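A worked illustration of the root cause above, added here and not InLong's own code: the vulnerable exact-match check beside a case-insensitive one (standing in for StringUtils.containsIgnoreCase, which the patch uses), plus a sanitizer that drops a sensitive parameter whatever its value, a stricter choice than matching only `=true`. The class name, helper names and the sample JDBC URL are assumptions.

```java
import java.util.List;
import java.util.Locale;

// Added example, not Apache InLong's code; the JDBC URL in main() is a constructed sample.
public class SensitiveJdbcParamCheck {
    static final List<String> SENSITIVE_KEYS = List.of(
            "autoDeserialize", "allowLoadLocalInfile", "allowUrlInLocalInfile");

    // Vulnerable pattern: exact, case-sensitive substring match on key=true,
    // which a value such as autoDeserialize=TRue slips past.
    static boolean containsSensitiveKeyExact(String url) {
        for (String key : SENSITIVE_KEYS) {
            if (url.contains(key + "=true")) return true;
        }
        return false;
    }

    // Hardened pattern: lower-case both sides before comparing, the same effect
    // as StringUtils.containsIgnoreCase without a commons-lang dependency.
    static boolean containsSensitiveKeyIgnoreCase(String url) {
        String lowered = url.toLowerCase(Locale.ROOT);
        for (String key : SENSITIVE_KEYS) {
            if (lowered.contains(key.toLowerCase(Locale.ROOT) + "=true")) return true;
        }
        return false;
    }

    // Sanitizer: rebuild the query string without any sensitive parameter,
    // matching the name case-insensitively and dropping it whatever its value.
    static String filterSensitive(String url) {
        int q = url.indexOf('?');
        if (q < 0) return url;
        StringBuilder kept = new StringBuilder();
        for (String param : url.substring(q + 1).split("&")) {
            String name = param.split("=", 2)[0];
            boolean sensitive = SENSITIVE_KEYS.stream().anyMatch(k -> k.equalsIgnoreCase(name));
            if (!sensitive && !param.isEmpty()) {
                kept.append(kept.length() == 0 ? "?" : "&").append(param);
            }
        }
        return url.substring(0, q) + kept;
    }

    public static void main(String[] args) {
        // Constructed sample URL carrying the mixed-case value from the advisory.
        String url = "jdbc:mysql://db.example:3306/inlong?autoDeserialize=TRue&useSSL=true";
        System.out.println("exact match flags URL: " + containsSensitiveKeyExact(url));
        System.out.println("ignore-case match flags URL: " + containsSensitiveKeyIgnoreCase(url));
        System.out.println("sanitized URL: " + filterSensitive(url));
    }
}
```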
