CVE-2016-20018

CVE-2016-20018

EPSS 0.8%

Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/knex/knex/issues/1227 https://nvd.nist.gov/vuln/detail/CVE-2016-20018 https://www.ghostccamm.com/blog/knex_sqli/