Sonatype SQL injection with ChangeToSqlValue
tskong opened this issue · 1 comment
tskong commented
We scanned our code base and this issue came up:
sonatype-2019-0547
The SqlKata package is vulnerable to SQL Injection. The ChangeToSqlValue function in QueryBuilder.dll does not escape single quotes (') in user-supplied input, which is used to construct and execute SQL queries. A remote attacker can exploit this behavior by supplying specially-crafted input, allowing them to alter the SQL query in order to exfiltrate or modify data in an affected database.
Has this been fixed? I can't see anything in the issues log, and I can attempt a fix if not.
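To make the reported defect concrete from a maintainer's side, here is an added example (not SqlKata's code and not from this issue). It uses a hypothetical `to_sql_literal_unsafe` that mimics what the advisory describes (wrapping input in single quotes without escaping quotes inside it), beside an escaped variant and a parameterized query, and includes a round-trip check of the kind a unit test for the fix would contain. SQLite is used only as a local executor; the table and rows are constructed for the example.

```python
import sqlite3

# Constructed sample data, not real application data.
SAMPLE_ROWS = [("O'Brien", "alice"), ("Smith", "bob")]


def _connection() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (surname TEXT, login TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def to_sql_literal_unsafe(value: str) -> str:
    """Hypothetical stand-in for a value-to-literal conversion that quotes the
    input but leaves embedded single quotes untouched (the defect the advisory
    describes). Any quote in `value` ends the literal early."""
    return "'" + value + "'"


def to_sql_literal_escaped(value: str) -> str:
    """Same conversion with the standard SQL escape: each single quote inside
    the value is doubled, so the literal always ends where the builder put it."""
    return "'" + value.replace("'", "''") + "'"


def build_select(surname: str, literal_fn) -> str:
    """Assemble the query by string concatenation, as a builder that inlines
    values would."""
    return "SELECT login FROM users WHERE surname = " + literal_fn(surname)


def lookup(surname: str, literal_fn):
    """Run the concatenated query. Returns (True, logins) on success or
    (False, error_text) when the built SQL no longer parses."""
    conn = _connection()
    try:
        rows = conn.execute(build_select(surname, literal_fn)).fetchall()
        return True, [r[0] for r in rows]
    except sqlite3.OperationalError as exc:
        return False, str(exc)
    finally:
        conn.close()


def lookup_parameterized(surname: str):
    """Preferred form: the value never becomes part of the SQL text, so no
    escaping logic is needed at all."""
    conn = _connection()
    try:
        sql = "SELECT login FROM users WHERE surname = ?"
        return [r[0] for r in conn.execute(sql, (surname,))]
    finally:
        conn.close()


def literal_round_trips(literal_fn, value: str) -> bool:
    """Regression check for a literal builder: the emitted literal must parse
    as exactly one string whose value equals the original input. A builder that
    lets the input terminate the literal fails this for any value containing a
    single quote."""
    conn = sqlite3.connect(":memory:")
    try:
        row = conn.execute("SELECT " + literal_fn(value)).fetchone()
        return row is not None and row[0] == value
    except sqlite3.OperationalError:
        return False
    finally:
        conn.close()


if __name__ == "__main__":
    for fn in (to_sql_literal_unsafe, to_sql_literal_escaped):
        print(fn.__name__, lookup("O'Brien", fn),
              "round-trips:", literal_round_trips(fn, "O'Brien"))
    print("parameterized", lookup_parameterized("O'Brien"))
```

The round-trip check is the useful part for a fix: run it over inputs containing quotes, commas and comment markers, and a literal builder that ever lets the input end the string will fail it. Doubling quotes is the portable SQL escape (backslash is not, in standard SQL or SQLite), but binding the value as a parameter removes the question entirely and is what a query builder should emit wherever the driver supports it.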