CVE-2023-22579 - Sequalize - Unsafe fall-through in getWhereConditions
| CVE | CVE-2023-22579 | |||||||||||
| Discovered by |
|
|||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| Page author | Victor Pasman | |||||||||||
| CVSS |
Base score:
9.9
(CRITICAL) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-843 Access of Resource Using Incompatible Type ('Type Confusion') | |||||||||||
| Last modified | 16 Feb 2023 10:09 |
Description
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.
JSON version