2 matches found
GHSA-CXV7-GMMP-228P NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`
Summary An authenticated user with columnAdd permission on a Postgres-backed base can inject arbitrary SQL into the formula engine via the optional direction argument of ARRAYSORT.... The value is unrestricted by formula validation and embedded into a knex.raw ORDER BY clause, executing during...
PT-2026-46993
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description An authenticated user with columnAdd permission on a Postgres-backed base can perform SQL injection within the formula engine. The issue occurs via the optional direction argument of the...