2 matches found
SQL Injection
Overview parsl is a Simple data dependent workflows in Python Affected versions of this package are vulnerable to SQL Injection via the workflowid parameter in the visualization dashboard routes. An attacker can execute arbitrary SQL commands by injecting malicious input into the URL, which is th...
GHSA-F2MF-Q878-GH58 Parsl Monitoring Visualization Vulnerable to SQL Injection
Affected Product: Parsl Python Parallel Scripting Library Component: parsl.monitoring.visualization Vulnerability Type: SQL Injection CWE-89 Severity: High CVSS Rating Recommended: 7.5 - 8.6 URL: https://github.com/Parsl/parsl/blob/master/parsl/monitoring/visualization/views.py Summary A SQL...