cruddl is vulnerable to SQL injection attacks. The vulnerability exists because of missing sanitization in the query function in arangodb-adapter.ts, which allows a remote attacker to inject and execute malicious JavaScript in the system.

CPE

Name | Operator | Version
---|---|---
cruddl | le | 2.7.0-alpha.1
cruddl | le | 3.0.0