CVE-2017-16082

CVE-2017-16082 is a remote code execution vulnerability in the pg module that triggers when the remote database or query returns a crafted column name. The provided connected documents show two vulnerable scenarios: (1) unsafe, user-supplied SQL containing a malicious column name, and (2) queryin...