The functions in makeobjects.py create objects insecurely. If an attacker include a ", the attacker could escape the string and overwrite data in the object. By using FastAPI models or the SQLAlchemy equivalent, this bug is patched and it follows the intended use of models
The functions in
makeobjects.py
create objects insecurely. If an attacker include a"
, the attacker could escape the string and overwrite data in the object. By using FastAPI models or the SQLAlchemy equivalent, this bug is patched and it follows the intended use of models