MySqL and PostgreSQL dialect are not injection safe
Closed this issue · 0 comments
jakobbraun commented
Currewntly the MySQL and PostgreSQL Identifier allow SQL injection:
System.out.println(MySQLIdentifier.of("test`, `asdf`, `other").quote());--> `test`, `asdf`, `other`