CVE-2019-10757
CVE-2019-10757
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.
Produtos afetados
n/a · knex.jsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://snyk.io/vuln/SNYK-JS-KNEX-471962