
GHSA-27qr-636m-wxg2

Published: May 15, 2024
Source: github
Github: Reviewed
CVSS3: 10

Description

codeigniter/framework SQL injection in ODBC database driver

CodeIgniter 3.1.0 addressed a critical security issue within the ODBC database driver. This update includes crucial fixes to mitigate a SQL injection vulnerability, preventing potential exploitation by attackers. It is noteworthy that these fixes render the query builder and escape() functions incompatible with the ODBC driver. However, the update introduces actual query binding as a more secure alternative.

Packages

Name: codeigniter/framework (composer)
Affected versions: < 3.1.0
Fixed version: 3.1.0

CVSS3: 10 Critical
