ID CVE-2019-10757
Summary knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Last major update 08-10-2019 - 16:30
Published 08-10-2019 - 16:15
Last modified 08-10-2019 - 16:30
Back to Top