(BAN-B608) Audit required: Risk of possible SQL injection vector through string-based query construction

ColinRobbins / scm-helper

Helper tool to manage data in Swim Club Manager

MIT License

3 stars 0 forks source link

Closed ColinRobbins closed 3 years ago

ColinRobbins commented 3 years ago

Constructing SQL query using user provided data is insecure. It makes application vulnerable to [SQL injection](SQL injection) attacks.

There is 1 occurrence of this issue in the repository.

ColinRobbins commented 3 years ago

Password is a dummy. closed.