New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: fix the SQL injection vulnerability in field filter #442
Conversation
|
@tangyang9464 please review |
|
@wuhan005 Please review. |
|
It seems that the blacklist can be bypassed. Boolean-based blind SQL injection can be used to get the value of the built-in function, the attacker can use functions like PoC: I think we should use a whitelist instead of the blacklist. Maybe we can use |
|
@wuhan005 Thanks for your advice. I'll fix it. |
|
@wuhan005 Please review the newest commit using whitelists. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
There is no SQL injection vulnerability, nicely done. |
|
The release is available on GitHub release Your semantic-release bot |


Signed-off-by: Yixiang Zhao seriouszyx@foxmail.com
Fix: #439
Solutions:
fieldFor the request as below:
Before:
After: