SQL Injection Vulnerability
alongreyber opened this issue · 1 comment
alongreyber commented
robokache/internal/robokache/get.go, lines 21 to 26 in 0fc11f3

Queries in get.go are built using Sprintf. This allows a SQL injection attack using a string like the following for the owner variable:
'DROP TABLE questions;'
Fix is to replace Sprintf with db.Prepare which accepts placeholders and fills them safely.
patrickkwang commented
You may be able to make this safe with db.Query(), but just use placeholders for those conditions. I think the use case for Prepare() instead of Query() is slightly different.
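The following is an added example, not code from robokache or either commenter. It registers a constructed `database/sql` driver ("recorder") that executes nothing and only captures the SQL text and bound arguments it is handed, so the reader can see what a real server would receive from the Sprintf pattern reported above versus the placeholder form, and where a reused `Prepare()` statement fits. The table and column names, the `?` placeholder style (driver-dependent), and the recorder driver itself are assumptions made for the example.

```go
package main

import (
	"database/sql"
	"database/sql/driver"
	"errors"
	"fmt"
	"io"
)

// recorder is a constructed stand-in for a real driver: it runs nothing and only
// records the SQL text and the separately bound arguments database/sql passes it.
type recorder struct {
	lastQuery string
	lastArgs  []driver.Value
}

func (r *recorder) Open(name string) (driver.Conn, error) { return &conn{r: r}, nil }

type conn struct{ r *recorder }

func (c *conn) Prepare(query string) (driver.Stmt, error) { return &stmt{r: c.r, query: query}, nil }
func (c *conn) Close() error                              { return nil }
func (c *conn) Begin() (driver.Tx, error)                 { return nil, errors.New("recorder: no transactions") }

type stmt struct {
	r     *recorder
	query string
}

func (s *stmt) Close() error  { return nil }
func (s *stmt) NumInput() int { return -1 } // -1: database/sql skips the placeholder-count check
func (s *stmt) Exec(args []driver.Value) (driver.Result, error) {
	s.r.lastQuery, s.r.lastArgs = s.query, args
	return driver.RowsAffected(0), nil
}
func (s *stmt) Query(args []driver.Value) (driver.Rows, error) {
	s.r.lastQuery, s.r.lastArgs = s.query, args
	return &rows{}, nil
}

type rows struct{}

func (*rows) Columns() []string              { return []string{"id"} }
func (*rows) Close() error                   { return nil }
func (*rows) Next(dest []driver.Value) error { return io.EOF }

var rec = &recorder{}

func init() { sql.Register("recorder", rec) }

// Recorded reports the SQL text and arguments from the most recent query.
func Recorded() (string, []driver.Value) { return rec.lastQuery, rec.lastArgs }

// ReportedInput is the owner value quoted in the issue report.
const ReportedInput = "'DROP TABLE questions;'"

// UnsafeQuestionsByOwner reproduces the Sprintf pattern from the report: the owner
// value is pasted into the SQL text, so the database parses it as SQL.
func UnsafeQuestionsByOwner(db *sql.DB, owner string) error {
	query := fmt.Sprintf("SELECT id FROM questions WHERE owner = '%s'", owner)
	rows, err := db.Query(query)
	if err != nil {
		return err
	}
	return rows.Close()
}

// SafeQuestionsByOwner is the fix: the SQL text is constant and the owner value
// travels as a bound argument, so it cannot alter the statement.
func SafeQuestionsByOwner(db *sql.DB, owner string) error {
	rows, err := db.Query("SELECT id FROM questions WHERE owner = ?", owner)
	if err != nil {
		return err
	}
	return rows.Close()
}

// PreparedQuestionsByOwners shows where db.Prepare fits: one statement, prepared
// once, executed for each owner with its own bound argument.
func PreparedQuestionsByOwners(db *sql.DB, owners []string) error {
	st, err := db.Prepare("SELECT id FROM questions WHERE owner = ?")
	if err != nil {
		return err
	}
	defer st.Close()
	for _, o := range owners {
		rows, err := st.Query(o)
		if err != nil {
			return err
		}
		rows.Close()
	}
	return nil
}

func main() {
	db, _ := sql.Open("recorder", "")
	defer db.Close()
	_ = UnsafeQuestionsByOwner(db, ReportedInput)
	q, args := Recorded()
	fmt.Printf("Sprintf:     %s  args=%v\n", q, args)
	_ = SafeQuestionsByOwner(db, ReportedInput)
	q, args = Recorded()
	fmt.Printf("placeholder: %s  args=%v\n", q, args)
}
```

Running it shows the Sprintf path delivering the reported string inside the SQL text with no arguments, while the placeholder path delivers an unchanged `SELECT ... WHERE owner = ?` with the string bound separately; the same recording approach works as a unit test that fails if anyone reintroduces string-built queries.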