hpcc-systems / Tombolo

Apache License 2.0

Burp Scan result (#2) - SQL Injection #67

Closed alfjjacob closed 4 years ago

alfjjacob commented 4 years ago

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

- /api/dataflow/save [id JSON parameter]
- /api/dataflowgraph/save [dataflowId JSON parameter]
- /api/hpcc/read/getData [fileName parameter]
- /api/report/read/associatedDataflows [type parameter]
- /sockjs-node [URL path filename]

alfjjacob commented 4 years ago

Added input validations on server side APIs
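The two comments above describe the problem (user-controlled `id`, `dataflowId`, `fileName` and `type` values reaching SQL) and the fix (server-side input validation). The following is an added example, not code from the Tombolo project, showing why concatenating those values into SQL text is dangerous and what a validated, parameterised version looks like. The table name `dataflow`, the `?` placeholder style, the field patterns and the sample payloads are all assumptions constructed for the example; the placeholder syntax and the way bound values are passed depend on the database driver actually in use.

```javascript
// Added example (not Tombolo's code). Contrasts a query built by string
// concatenation with a parameterised query guarded by server-side validation
// of the request fields named in the scan report.

// Constructed sample payloads: one benign, one carrying a quote breakout.
const BENIGN = { id: '42', fileName: 'sales::daily', type: 'job' };
const HOSTILE = { id: "42' OR '1'='1", fileName: "x' --", type: 'job' };

// --- Vulnerable pattern: request data spliced straight into the SQL text ---
// Table name "dataflow" is assumed for illustration.
function buildUnsafeQuery(params) {
  return `SELECT * FROM dataflow WHERE id = '${params.id}'`;
}

// --- Hardened pattern, step 1: validate the shape of every field ---
// Numeric ids must be plain digits; file names and types must match a strict
// allow-list pattern. The patterns are assumptions; tighten to the real format.
const VALIDATORS = {
  id: v => /^\d{1,10}$/.test(String(v)),
  dataflowId: v => /^\d{1,10}$/.test(String(v)),
  fileName: v => /^[A-Za-z0-9_:.\-]{1,255}$/.test(String(v)),
  type: v => /^[A-Za-z]{1,32}$/.test(String(v)),
};

// Returns a list of error strings; an empty list means the request is valid.
function validateParams(params, required) {
  const errors = [];
  for (const name of required) {
    if (!(name in params)) { errors.push(`${name}: missing`); continue; }
    if (!VALIDATORS[name](params[name])) errors.push(`${name}: invalid value`);
  }
  return errors;
}

// --- Hardened pattern, step 2: keep data out of the query text ---
// The value travels separately as a bound parameter, so the statement's
// structure cannot change no matter what the client sends.
function buildSafeQuery(params) {
  const errors = validateParams(params, ['id']);
  if (errors.length) throw new Error('validation failed: ' + errors.join('; '));
  return { sql: 'SELECT * FROM dataflow WHERE id = ?', values: [Number(params.id)] };
}

// Crude structural check used here only to show the effect of the hostile
// input: counts single-quoted literals in the generated SQL text.
function countStringLiterals(sql) {
  return (sql.match(/'/g) || []).length / 2;
}

// Stand-alone run: the unsafe builder gains extra literals from the hostile
// input; the safe builder rejects it before any SQL is produced.
console.log(buildUnsafeQuery(BENIGN), countStringLiterals(buildUnsafeQuery(BENIGN)));
console.log(buildUnsafeQuery(HOSTILE), countStringLiterals(buildUnsafeQuery(HOSTILE)));
console.log(validateParams(HOSTILE, ['id', 'fileName', 'type']));
console.log(buildSafeQuery(BENIGN));
```

Validation alone is not the fix: the `fileName` pattern above would still let a value through if the pattern were loosened later, so the parameterised query is the control that holds regardless, and validation is the layer that turns bad input into a clean 400 instead of a database error.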