Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix code scanning alert – Database query built from user-controlled sources #818

Open
avelino opened this issue May 6, 2023 · 0 comments
Open

Fix code scanning alert – Database query built from user-controlled sources #818

avelino opened this issue May 6, 2023 · 0 comments
Labels
security

Comments

@avelino
Copy link
Member

avelino commented May 6, 2023

Tool: CodeQL
Rule ID: go/sql-injection
Query: View source

If a database query (such as an SQL or NoSQL query) is built from user-provided data without sufficient sanitization, a malicious user may be able to run commands that exfiltrate, tamper with, or destroy data stored in the database.

Tracking issue for: https://github.com/prest/prest/security/code-scanning/5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@avelino