SQL Injection
Discription

cubejs-backend/api-gateway is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the `/v1/sql-runner` endpoint allows a malicious authenticated user to inject and execute arbitrary SQL queries on the target system.Read More

Back to Main

Subscribe for the latest news: