SQL Injection in resquel
High severity
GitHub Reviewed
Published
Sep 11, 2020
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Description
Reviewed
Aug 31, 2020
Published to the GitHub Advisory Database
Sep 11, 2020
Last updated
Jan 9, 2023
All versions of
resquel
are vulnerable to SQL Injection. Query parameters are not properly sanitized, allowing attackers to inject SQL statements and execute arbitrary SQL queriesRecommendation
No fix is currently available. Consider using an alternative package until a fix is made available.
References