Vulnerability in core server (CVE-2022-2625)
Extension scripts replace objects not belonging to the extension Some extensions use CREATE OR REPLACE or CREATE IF NOT EXISTS commands. Some don't adhere to the documented rule to target only objects known to be extension members already. An attack requires permission to create non-temporary...