Layer5 Meshery 0.5.2 - SQL Injection
Layer5 Meshery 0.5.2 contains a SQL injection vulnerability in the REST API that allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint order parameter in GetMesheryPatterns in models/mesherypatternpersister.go. id: CVE-2021-31856 info: name: Layer5 Meshe...