SQL injection vulnerability in field filter #439
Comments
@wuhan005 thanks for reporting! Do you have any suggestions for resolving it?

Strictly match that the given field is exactly one in the table, then use a prepared statement to avoid SQL injection. (Google-translated, bear with it)

@seriouszyx can you fix this issue for all occurrences?

@hsluoyz I'll work on it.
In my opinion, the input
CVE-2022-24124 assigned. |
The query API provides the `field` and `value` parameters to support query by field. It inserts the user's input into the raw SQL expression, which can lead to a SQL injection vulnerability.
And `/api/get-organizations` is a public route that everyone can visit.
Proof of concept:
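The bug class the report describes, next to the fix proposed in the comments (strictly match the field against the table's columns, then bind the value as a parameter), as an added example. This is not Casdoor's code: the `organization` table, the column names in the allowlist and the helper names are assumed for illustration only.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// vulnerableFilter mirrors the reported pattern: both the user-controlled
// field name and value are spliced into the SQL text, so a value such as
//   ' OR '1'='1
// changes the meaning of the WHERE clause instead of being compared literally.
func vulnerableFilter(field, value string) string {
	return fmt.Sprintf("SELECT * FROM organization WHERE %s = '%s'", field, value)
}

// allowedFields is the assumed set of columns a caller may filter on (example
// values, not Casdoor's schema). An identifier cannot be bound as a query
// parameter, so an allowlist is the only safe way to accept it from a client.
var allowedFields = map[string]bool{
	"name":         true,
	"display_name": true,
	"owner":        true,
}

// ErrBadField is returned for any field that is not a filterable column.
var ErrBadField = errors.New("field is not a filterable column")

// safeFilter returns the SQL text with a placeholder plus the bound argument
// list. The value never becomes part of the SQL text; the driver sends it
// separately, so quotes or comment sequences inside it are inert.
func safeFilter(field, value string) (query string, args []interface{}, err error) {
	if !allowedFields[field] {
		return "", nil, ErrBadField
	}
	query = fmt.Sprintf("SELECT * FROM organization WHERE %s = ?", field)
	args = []interface{}{value}
	return query, args, nil
}

// looksInjected is a crude self-check for the demonstration only: it reports
// whether the generated SQL carries more than one string literal or an OR
// clause, i.e. whether the user's value altered the query's structure.
func looksInjected(query string) bool {
	return strings.Count(query, "'") > 2 || strings.Contains(strings.ToUpper(query), " OR ")
}

func main() {
	payload := "' OR '1'='1"

	// The vulnerable builder turns the payload into a tautology.
	fmt.Println(vulnerableFilter("name", payload))

	// The hardened builder keeps the payload out of the SQL text entirely.
	q, args, err := safeFilter("name", payload)
	fmt.Println(q, args, err)

	// An attacker-supplied field name is rejected before any SQL is built.
	_, _, err = safeFilter("name = '' OR 1=1 --", payload)
	fmt.Println(err)
}
```

Binding the value is necessary but not sufficient: the `field` parameter is an identifier, and placeholders cannot stand in for identifiers in SQL, which is why the comment above insists on an exact match against the table's columns before the prepared statement is built.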