CVE-2023-22580 - Sequalize - Bad query filtering leading to SQL errors
| CVE | CVE-2023-22580 | |||||||||||
| Discovered by |
|
|||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| Page author | Victor Pasman | |||||||||||
| CVSS |
Base score:
5.3
(MEDIUM) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | |||||||||||
| Last modified | 16 Feb 2023 10:09 |
Description
Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure.
JSON version