You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv2:
Base Score: MEDIUM (6.5)
Vector: /AV:N/AC:H/Au:/C:L/I:L/A:L
knex - SQL Injection
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv2:
Base Score: MEDIUM (6.5)
Vector: /AV:N/AC:H/Au:/C:L/I:L/A:L
References:
OSSINDEX - [sonatype-2022-6335] CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
OSSIndex - #1227
OSSIndex - #5417
OSSIndex - https://www.ghostccamm.com/blog/knex_sqli/
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:knex:2.4.2
The text was updated successfully, but these errors were encountered: