MySqL and PostgreSQL dialect are not injection safe
Closed this issue · 0 comments
jakobbraun commented
Currewntly the MySQL and PostgreSQL Identifier allow SQL injection:
System.out.println(MySQLIdentifier.of("test`, `asdf`, `other").quote());
--> `test`, `asdf`, `other`