RSS   Vulnerabilities for 'KNEX'   RSS

2019-10-08
 
CVE-2019-10757

CWE-89
 

 
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.

 


Copyright 2024, cxsecurity.com

 

Back to Top