CVE-2019-10757
08.10.2019, 20:15
knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.
Vendor | Product | Version |
---|---|---|
knexjs | knex | 𝑥 < 0.19.5 |
𝑥
= Vulnerable software versions