Описание
SQL Injection in typeorm
Versions of typeorm before 0.1.15 are vulnerable to SQL Injection. Field names are not properly validated allowing attackers to inject SQL statements and execute arbitrary SQL queries.
Recommendation
Upgrade to version 0.1.15
Пакеты
Наименование
typeorm
npm
Затронутые версииВерсия исправления
< 0.1.15
0.1.15
Дефекты
CWE-89
Дефекты
CWE-89