SQL Injection

2019-11-2001:28:57

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

59.4%

JSON

Pixie is vulnerable to SQL injection. The attack is possible because it does not sanitize the parameter to thelimit() function, allowing an attacker to inject and execute malicious SQL script through it.

CPENameOperatorVersion
usmanhalalit/pixiele2.0.0
usmanhalalit/pixiele1.0.2

CPE	Name	Operator	Version
	usmanhalalit/pixie	le	2.0.0
	usmanhalalit/pixie	le	1.0.2

References

github.com/usmanhalalit/pixie/commit/9bd991021abbcbfb19347a07dca8b7e518b8abc9

0.002 Low

EPSS

Percentile

59.4%

JSON

Related for VERACODE:21981