0.001 Low
EPSS
Percentile
50.9%
knex is vulnerable to SQL Injection attacks. A specifically crafted attack statement through Knex.js allows a malicious user to inject and execute arbitrary SQL queries on the target system, ignoring the WHERE clause of a SQL query.
Knex.js
WHERE
github.com/advisories/GHSA-4jv9-3563-23j3
github.com/knex/knex/issues/1227
nvd.nist.gov/vuln/detail/CVE-2016-20018
www.ghostccamm.com/blog/knex_sqli/