Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Summary A critical SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through sync parameters. This can lead to full database exfiltration, including admin password hashes and...