CVE-2023-22579 - Sequalize - Unsafe fall-through in getWhereConditions
CVE | CVE-2023-22579 | |||||||||||
Discovered by |
|
|||||||||||
Credits |
|
|||||||||||
Affected products |
|
|||||||||||
Page author | Victor Pasman | |||||||||||
CVSS |
Base score:
9.9
(CRITICAL) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-843 Access of Resource Using Incompatible Type ('Type Confusion') | |||||||||||
Last modified | 16 Feb 2023 10:09 |
Description
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.
JSON version